High Severity Vulnerability Leads to Closure of Plugin with Over 100,000 Installations On April 1, 2020, the Wordfence Threat Intelligence team discovered a stored Cross Site Scripting (XSS) vulnerability in Contact Form 7 Datepicker , a WordPress plugin installed on over 100,000 sites. As the plugin developer’s github page indicated that the plugin was no longer being maintained, we contacted the WordPress plugins team with our disclosure, and they immediately removed the plugin from the repository for review. We also contacted the plugin’s developer and received a response verifying that they had no plans to maintain it and were satisfied with removing the plugin from the repository. All Wordfence users, including Wordfence free and Wordfence Premium users, are protected from this vulnerability by the Wordfence Firewall’s built-in XSS protection. Nonetheless, we strongly recommend deactivating and removing this plugin. Description : Authenticated Stored Cross
It is a personal Blog, of a freelancer name Lalit yadav, develop customize software,seo solutions,eCommerce solution, web designing,technical consultant,java,php,.net expert,Mobile web,VAS services expert,wordpress,opencart,IVR solution provider and developer.