MainWP Blog

Social Warfare Plugin Vulnerability
Tips & Tricks
Sebastian Moran

Social Warfare Plugin Vulnerability Temp Deactivate Now

If you are using the Social Warfare plugin on any child sites (including the pro version of the plugin), deactivate the plugin on any child sites and wait for an update to be released. Wordfence has more about the issue in the plugin, which states that it is a stored Cross-Site Scripting (XSS) vulnerability.  Sucuri also put out a post about the specific issue. Wordfence has updated the original post to include more information about the attack and what exactly was happening. The plugins downloads have been temporarily closed at WordPress.org. The only other information about the issue is that

Looking for something?