🔬 Conversion Rate Optimisation for your 🌐 WordPress & 🛒 WooCommerce: skyrocket sales with modern proven methods! The purpose of recurrent CRO services is to constantly improve the likelihood of visitors taking your desired action on your domain.
Be informed about the latest WP Cross-Site Request Forgery, identified and reported publicly. As these WP CSRF AUG 2024 vulnerabilities have a severe negative impact on any WordPress Security, consider our security audit. It is a +57% INCREASE compared to previous month, as specifically targeted Cross-Site Request Forgeries. Consider for your online safety, a managed WP/Woo Security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.
As these Cross-Site Request Forgeries cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the WP CSRF AUG 2024 & WP Cross-Site Request Forgery category:
| Advanced AJAX Page Loader | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
| Affiliate Manager | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Affiliate Manager | Profile Update (BAC) via Cross-Site Request Forgery (CSRF) |
| Affiliate Manager | Affiliate Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
| Animated Rotating Words | Cross-Site Request Forgery (CSRF) |
| ArtPlacer Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Ashe Theme | Cross-Site Request Forgery (CSRF) |
| Attachment File Icons | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
| Bard Theme | Cross-Site Request Forgery (CSRF) |
| Blocksy Theme | Cross-Site Request Forgery (CSRF) |
| BuddyBoss Theme Theme | Cross-Site Request Forgery (CSRF) |
| CM Email Registration Blacklist and Whitelist | Add/Delete Emails via Cross-Site Request Forgery (CSRF) Add and delete any item from blacklist/whitelist |
| CM On Demand Search And Replace | Plugin Reset (BAC) via Cross-Site Request Forgery (CSRF) |
| Comment Reply Email | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Community Events | Event Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
| Conditional Fields for Contact Form | Cross-Site Request Forgery (CSRF) to Plugin Setting Reset (BAC) |
| Construction Landing Page Theme | Cross-Site Request Forgery (CSRF) |
| Contact Form Summary and Print | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Cooked | Multiple Cross-Site Request Forgery (CSRF) |
| Event post | Cross-Site Request Forgery (CSRF) |
| Event Tickets | Cross-Site Request Forgery (CSRF) |
| Floating Social Buttons | Cross-Site Request Forgery (CSRF) |
| Generate PDF using Contact Form | Cross-Site Request Forgery (CSRF) to Arbitrary File Deletion (BAC) |
| Generate PDF using Contact Form | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
| Google Adsense & Banner Ads by AdsforWP | Cross-Site Request Forgery (CSRF) |
| Hestia Theme | Cross-Site Request Forgery (CSRF) |
| Highlight Theme | Cross-Site Request Forgery (CSRF) |
| Himer Theme | Multiple Cross-Site Request Forgery (CSRF) |
| HTML Forms | Bulk Delete via Cross-Site Request Forgery (CSRF) |
| iamaze Theme | Cross-Site Request Forgery (CSRF) |
| Internal Link Juicer: SEO Auto Linker for WordPress | Cross-Site Request Forgery (CSRF) |
| itransform Theme | Cross-Site Request Forgery (CSRF) |
| Just Custom Fields | Cross-Site Request Forgery (CSRF) via AJAX actions |
| Lawyer Landing Page Theme | Cross-Site Request Forgery (CSRF) |
| Leaky Paywall | Cross-Site Request Forgery (CSRF) |
| Light Poll | Poll Answers Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
| ListingPro Theme | Cross-Site Request Forgery (CSRF) to Account Takeover |
| LiteSpeed Cache | Cross-Site Request Forgery (CSRF) (CSRF) to Cross-Site Scripting (XSS) |
| Matomo Analytics | Cross-Site Request Forgery (CSRF) leading to Notice Dismissal |
| MBE eShip | Cross-Site Request Forgery (CSRF) |
| Metorik – Reports & Email Automation for WooCommerce | Cross-Site Request Forgery (CSRF) |
| Nested Pages | Cross-Site Request Forgery (CSRF) to Local File Inclusion (LFi) |
| Ninja Forms | Cross-Site Request Forgery (CSRF) |
| Oceanic Theme | Cross-Site Request Forgery (CSRF) |
| Pardakht Delkhah | Form Fields Reset (BAC) via Cross-Site Request Forgery (CSRF) |
| Patricia Blog Theme | Cross-Site Request Forgery (CSRF) |
| Patricia Lite Theme | Cross-Site Request Forgery (CSRF) |
| Point Theme | Cross-Site Request Forgery (CSRF) |
| Popularis Verse Theme | Cross-Site Request Forgery (CSRF) |
| Posterity Theme | Cross-Site Request Forgery (CSRF) |
| Pricing Table | Cross-Site Request Forgery (CSRF) via ajax |
| pzfrontendmanager | Cross-Site Request Forgery (CSRF) change user profile picture |
| Rara Business Theme | Cross-Site Request Forgery (CSRF) |
| Rife Free Theme | Cross-Site Request Forgery (CSRF) |
| ScrollTo Bottom | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
| ScrollTo Top | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) |
| Send email only on Reply to My Comment | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Seraphinite Accelerator (Full, premium) | Cross-Site Request Forgery (CSRF) Leading to Arbitrary File Deletion (BAC) |
| sitetweet | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| Smart Image Gallery | Update/Delete Google API Key via Cross-Site Request Forgery (CSRF) |
| Smartsupp – live chat, chatbots, AI and lead generation | Cross-Site Request Forgery (CSRF) |
| Snippet Shortcodes | Cross-Site Request Forgery (CSRF) |
| Social Auto Poster | Cross-Site Request Forgery (CSRF) via Multiple Functions |
| SociallyViral Theme | Cross-Site Request Forgery (CSRF) |
| SULly | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
| SULly | Plugin Reset (BAC) via Cross-Site Request Forgery (CSRF) |
| Swift Performance Lite | Cross-Site Request Forgery (CSRF) |
| Taggbox | Cross-Site Request Forgery (CSRF) |
| Telegram Bot & Channel | Cross-Site Request Forgery (CSRF) |
| The Events Calendar | Cross-Site Request Forgery (CSRF) |
| Trendy News Theme | Cross-Site Request Forgery (CSRF) |
| Ultimate Auction | Cross-Site Request Forgery (CSRF) |
| WordPress Cliengo Chatbot plugin | Cross-Site Request Forgery (CSRF) |
| WP Ajax Contact Form | Arbitrary Email Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
| WP eMember | Bulk Delete via Cross-Site Request Forgery (CSRF) |
| WP eMember | Cross-Site Scripting (XSS) in Blacklist via Cross-Site Request Forgery (CSRF) |
| WP eStore | Coupon Deletion (BAC) via Cross-Site Request Forgery (CSRF) |
| WP Fast Total Search | Cross-Site Request Forgery (CSRF) |
| WP GoToWebinar | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WPQA Builder forms Addon | Arbitrary Category and Tag Follow/Unfollow via Cross-Site Request Forgery (CSRF) |
| WordPress CSRF & Cross-Site Request Forgery reported in 2023: | 949 |
| WordPress CSRF & Cross-Site Request Forgery reported in 2024: | 549 |
How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of a premium cup of coffee per week, for your first managed service.
Start simply by contacting us with your selections:
We care about the protection of your personal data. Update, subscribe or unsubscribe anytime. Read our Privacy Policy.