We would like to inform you of the top 5 most commonly used vulnerable plugins as of 2022. If you are using any of these plug-ins, please update your site as soon as possible.

Vulnerability #1 Contact Form 7

Contact Form 7 is the most commonly used WordPress contact form creation plugin.

Vulnerability risk 100 (highest) Vulnerable version 5.3.1 or lower Vulnerability description -> CVE-2020-35489

Vulnerability #2 Ninja Forms

Ninja Forms is a WordPress form creation embedding plugin.

Vulnerability risk 98 Vulnerable version 2.9.42 or lower Vulnerability description -> CVE-2016-1209

Vulnerability #3 Yoast SEO

Yoast SEO is a plugin for WordPress SEO.

Vulnerability risk 98 Vulnerable version 11.5 or lower Vulnerability description -> CVE-2019-13478

Vulnerability #4 Elementor,Essential Addons for Elementor

Elementor and its extended add-on Essential Addons for Elementor is a plugin mainly for layouts that allows users to create WordPress pages using drag-and-drop.

Elementor
Vulnerability risk level 88 Vulnerable version 3.6.0 or lower Vulnerability description -> CVE-2022-1329

Essential Addons for Elementor
Vulnerability level 98 Vulnerable version 5.0.5 or lower Vulnerability description→CVE-2022-0320

Vulnerability #5 File Manager

File Manager is a plugin that adds file upload and editing functions to the WordPress administration screen, similar to FTP software.

Vulnerability risk 100 Vulnerable version 6.9 or lower Vulnerability description -> CVE-2020-25213

CVE-2020-25213

Plug-in that can scan vulnerabilities in more than 1000 other plug-ins
Please use [ Free] WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].