We would like to inform you of the top 5 most commonly used vulnerable plugins as of 2022. If you are using any of these plug-ins, please update your site as soon as possible.
Vulnerability #1 Contact Form 7
Contact Form 7 is the most commonly used WordPress contact form creation plugin.
Vulnerability risk 100 (highest) Vulnerable version 5.3.1 or lower Vulnerability description -> CVE-2020-35489
Vulnerability #2 Ninja Forms
Ninja Forms is a WordPress form creation embedding plugin.
Vulnerability risk 98 Vulnerable version 2.9.42 or lower Vulnerability description -> CVE-2016-1209
Vulnerability #3 Yoast SEO
Yoast SEO is a plugin for WordPress SEO.
Vulnerability risk 98 Vulnerable version 11.5 or lower Vulnerability description -> CVE-2019-13478
Vulnerability #4 Elementor,Essential Addons for Elementor
Elementor and its extended add-on Essential Addons for Elementor is a plugin mainly for layouts that allows users to create WordPress pages using drag-and-drop.
Elementor
Vulnerability risk level 88 Vulnerable version 3.6.0 or lower Vulnerability description -> CVE-2022-1329
Essential Addons for Elementor
Vulnerability level 98 Vulnerable version 5.0.5 or lower Vulnerability description→CVE-2022-0320
Vulnerability #5 File Manager
File Manager is a plugin that adds file upload and editing functions to the WordPress administration screen, similar to FTP software.
Vulnerability risk 100 Vulnerable version 6.9 or lower Vulnerability description -> CVE-2020-25213
CVE-2020-25213
Plug-in that can scan vulnerabilities in more than 1000 other plug-ins
Please use [ Free] WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].