Many popular WordPress plugins have security flaws

Recently (April 21, 2015) I received an email from Sucuri warning that some popular plugins such as SEO by Yoast, WPTouch, Jetpack, All in One SEO Pack, Updraft Plus, iThemes Exchange… had just released urgent updates to patch security flaws that hackers can exploit for XSS (Cross Site Scripting) attacks, a popular attack technique second only to SQL Injection.

Cause of the error

This error was first reported to Sucuri by Joost de Valk, after Johannes Schmitt of Scrutinizer CI told him that the SEO by Yoast and Google Analytics by Yoast plugins have a vulnerability caused by misuse of the functions add_query_arg() and remove_query_arg(), which are used to pass the parameters specified in the URL to the query and then send a request to the database to get the data. According to Joost, the cause is that developers copied the examples for these two functions from the WordPress Codex and WordPress Development, which accidentally created a vulnerability because the example code itself already contained it (now fixed).

In addition, Joost de Valk also discovered that many plugins (and all popular plugins) suffer from this error, so if you received many plugin update requests yesterday or today, this is why.

If you are a programmer, I encourage you to read Sucuri’s post to learn more about this error.
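For developers who want to check their own plugin code, here is an added example (not from the original post or from Sucuri): a heuristic Python audit that flags add_query_arg() and remove_query_arg() calls that are not wrapped in esc_url() or esc_url_raw(). When no URL is passed, both functions build on the current request URI and return it unescaped, which is why their output needs escaping. The sample PHP and the helper names find_unescaped and enclosing_calls are constructed for illustration.

```python
import re

# WordPress URL escapers: esc_url() for output, esc_url_raw() for redirects/storage.
SAFE_WRAPPERS = {"esc_url", "esc_url_raw"}
CALL = re.compile(r"\b(add_query_arg|remove_query_arg)\s*\(")

# Constructed sample, not taken from any real plugin.
SAMPLE = '''<?php
// pagination links and a redirect, each shown unescaped and escaped
echo '<a href="' . add_query_arg( 'paged', 2 ) . '">Next</a>';
echo '<a href="' . esc_url( add_query_arg( 'paged', 2 ) ) . '">Next</a>';
wp_redirect( remove_query_arg( 'updated' ) );
wp_redirect( esc_url_raw( remove_query_arg( 'updated' ) ) );
'''

def enclosing_calls(src, pos):
    """Names of the calls whose parentheses enclose offset pos in this statement.
    Heuristic: parentheses or semicolons inside string literals can mislead it."""
    names, depth = [], 0
    for i in range(pos - 1, -1, -1):
        ch = src[i]
        if ch == ";":              # previous statement ends here
            break
        if ch == ")":
            depth += 1
        elif ch == "(":
            if depth:
                depth -= 1         # closes a sibling call, not an enclosing one
            else:
                m = re.search(r"(\w+)\s*$", src[:i])
                if m:
                    names.append(m.group(1))
    return names

def find_unescaped(src):
    """Return (line, function) for each call with no escaper wrapped around it.
    A result assigned to a variable and escaped later is still flagged for review."""
    hits = []
    for m in CALL.finditer(src):
        if not SAFE_WRAPPERS & set(enclosing_calls(src, m.start())):
            hits.append((src.count("\n", 0, m.start()) + 1, m.group(1)))
    return hits

if __name__ == "__main__":
    for line, func in find_unescaped(SAMPLE):
        print(f"line {line}: {func}() output is not escaped")
```

Each hit is a candidate for manual review, not proof of a vulnerability.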


How to update?

You will see an update notification when you go to the WordPress Dashboard page, or you can go to http://domain.com/wp-admin/update-core.php and press the Check Update button to see whether there are any new update requests; if there are, update all of your plugins.


List of plugins with this error

  • Jetpack
  • WordPress SEO
  • Google Analytics by Yoast
  • All In One SEO
  • Gravity Forms
  • Multiple Plugins from Easy Digital Downloads
  • UpdraftPlus
  • WP-E-Commerce
  • WPTouch
  • Download Monitor
  • Related Posts for WordPress
  • My Calendar
  • P3 Profiler
  • Give
  • Multiple iThemes products including Builder and Exchange
  • Broken-Link-Checker
  • Ninja Forms



Source: Many popular WordPress plugins have security flaws
– TechtipsnReview
