Update Multiple WordPress Plugins to Avoid Security Vulnerability

A great number of WordPress plugins (including many popular plugins with over millions of downloads) have been reported with vulnerability issues due to the misuse of the add_query_arg() and remove_query_arg() functions. These plugins include:

  •    Jetpack
  •    WordPress SEO
  •    Google Analytics by Yoast
  •    All in One SEO Pack
  •    Gravity Forms
  •    UpdraftPlus
  •    WP e-Commerce
  •    WP Touch
  •    Download Monitor
  •    Related Posts for WordPress
  •    My Calendar
  •    P3 Profiler
  •    Give
  •    Broken Link Checker
  •    Ninja Forms

As the problematic functions are very popular (functions used by developers to modify and add query strings to URLs within WordPress websites), there is a great chance that some other problematic plugins are not listed above. We strongly recommend that all WordPress users perform a full site backup and update the plugins ASAP. To learn more details about the vulnerability issues, please visit this blog article from Sucuri, the online website scanning firm.

Posted in: Plugins, Security