phpwatch / wordpress-security-advisories
WordPress Security Advisories https://php.watch/articles/WordPress-Security-Advisories
Installs: 15 293
Dependents: 0
Suggesters: 1
Security: 0
Stars: 25
Watchers: 6
Forks: 1
Open Issues: 1
Type:metapackage
Conflicts
- johnpbloch/wordpress: >=5.4,<5.4.2 || >=5.3,<5.3.1 || >=5.2,<5.2.5 || >=5.1,<5.1.4 || >=5.0,<5.0.8 || >=4.9,<4.9.13 || >=4.8,<4.8.12 || >=4.7,<4.7.16 || >=4.6,<4.6.17 || >=4.5,<4.5.20 || >=4.4,<4.4.21 || >=4.3,<4.3.22 || >=4.2,<4.2.26 || >=4.1,<4.1.29 || >=4.0,<4.0.29 || >=3.9,<3.9.30 || >=3.8,<3.8.32 || >=3.7,<3.7.32 || <3.7
- roots/wordpress: >=5.4,<5.4.2 || >=5.3,<5.3.1 || >=5.2,<5.2.5 || >=5.1,<5.1.4 || >=5.0,<5.0.8 || >=4.9,<4.9.13 || >=4.8,<4.8.12 || >=4.7,<4.7.16 || >=4.6,<4.6.17 || >=4.5,<4.5.20 || >=4.4,<4.4.21 || >=4.3,<4.3.22 || >=4.2,<4.2.26 || >=4.1,<4.1.29 || >=4.0,<4.0.29 || >=3.9,<3.9.30 || >=3.8,<3.8.32 || >=3.7,<3.7.32 || <3.7
- wpackagist-plugin/2j-slideshow: <1.3.40
- wpackagist-plugin/abstract-submission: <=0.6
- wpackagist-plugin/advanced-ads: <1.17.4
- wpackagist-plugin/all-in-one-wp-migration: <7.15
- wpackagist-plugin/appointment-booking-calendar: <1.3.35
- wpackagist-plugin/async-javascript: <2.20.02.27
- wpackagist-plugin/auth0: <3.11.3
- wpackagist-plugin/awesome-support: <=5.8.0
- wpackagist-plugin/batchmove: <=1.5
- wpackagist-plugin/bbp-members-only: >=1,<1.3.1
- wpackagist-plugin/bbpress-login-register-links-on-forum-topic-pages: >=2,<2.8.5
- wpackagist-plugin/blogtopdf: <=1.0.2
- wpackagist-plugin/brizy: <1.0.114
- wpackagist-plugin/buddypress-component-stats: <=1.0
- wpackagist-plugin/calculated-fields-form: <1.0.355
- wpackagist-plugin/cardgate: <3.1.16
- wpackagist-plugin/chained-quiz: <1.1.8.2
- wpackagist-plugin/clean-and-simple-contact-form-by-meg-nicholas: <=4.7.0
- wpackagist-plugin/cm-pop-up-banners: <1.4.11
- wpackagist-plugin/code-snippets: <2.14.0
- wpackagist-plugin/computer-repair-shop: <2.0
- wpackagist-plugin/contact-form-7: >=5.0,<5.0.4
- wpackagist-plugin/contextual-adminbar-color: <0.3
- wpackagist-plugin/conversation-watson: <0.8.21
- wpackagist-plugin/cookie-law-info: <1.8.3
- wpackagist-plugin/cookiebot: <3.6.1
- wpackagist-plugin/custom-post-type-ui: <1.7.4
- wpackagist-plugin/custom-registration-form-builder-with-submission-manager: <4.6.0.4
- wpackagist-plugin/custom-searchable-data-entry-system: <=1.7.1
- wpackagist-plugin/data-tables-generator-by-supsystic: <1.9.92
- wpackagist-plugin/donorbox-donation-form: >=7.1,<7.1.2
- wpackagist-plugin/duplicator: <1.3.28
- wpackagist-plugin/easy-property-listings: <3.4
- wpackagist-plugin/elementor: <2.9.8
- wpackagist-plugin/envira-gallery-lite: <1.7.7
- wpackagist-plugin/events-manager: <5.9.7.2
- wpackagist-plugin/export-users: <=1.4.2
- wpackagist-plugin/featured-image-from-url: <2.7.8
- wpackagist-plugin/flamingo: <2.1.1
- wpackagist-plugin/flexible-checkout-fields: <2.3.2
- wpackagist-plugin/font-awesome: <4.0.0-rc17
- wpackagist-plugin/gallery-images-ape: >=2.0,<2.0.7
- wpackagist-plugin/gboutique: <=1.3
- wpackagist-plugin/gdpr-cookie-compliance: >=4.0,<4.0.3
- wpackagist-plugin/htaccess: <1.8.2
- wpackagist-plugin/idx-broker-platinum: <2.6.2
- wpackagist-plugin/import-users-from-csv-with-meta: <1.15.0.1
- wpackagist-plugin/jetpack: >=7.9,<7.9.1
- wpackagist-plugin/learnpress: <3.2.6.8
- wpackagist-plugin/lifterlms: <3.37.15
- wpackagist-plugin/miniorange-saml-20-single-sign-on: <4.8.84
- wpackagist-plugin/modern-events-calendar-lite: >=5,<5.1.8 || >=4,<4.9.5
- wpackagist-plugin/modula-best-grid-gallery: <2.2.5
- wpackagist-plugin/mstore-api: <2.0.0
- wpackagist-plugin/newsletter: <6.5.4
- wpackagist-plugin/ninja-forms: <3.4.24.1
- wpackagist-plugin/order-import-export-for-woocommerce: <1.6.1
- wpackagist-plugin/order-xml-file-export-import-for-woocommerce: <1.3.1
- wpackagist-plugin/participants-database: <1.9.5.6
- wpackagist-plugin/photo-gallery: <1.5.46
- wpackagist-plugin/popup-builder: <3.65.2
- wpackagist-plugin/portfolio-filter-gallery: <1.1.3
- wpackagist-plugin/post-pdf-export: <=1.0.1
- wpackagist-plugin/postie: <=1.9.40
- wpackagist-plugin/pricing-table-by-supsystic: <1.8.2
- wpackagist-plugin/product-import-export-for-woo: <1.7.5
- wpackagist-plugin/product-lister-walmart: <=1.0.1
- wpackagist-plugin/product-reviews-import-export-for-woocommerce: <1.3.3
- wpackagist-plugin/profile-builder: <3.1.1
- wpackagist-plugin/rencontre: >=3,<3.2.3
- wpackagist-plugin/resim-ara: <=1.0
- wpackagist-plugin/responsive-add-ons: <2.2.6
- wpackagist-plugin/search-meter: <2.13.2
- wpackagist-plugin/seo-by-rank-math: <1.0.41
- wpackagist-plugin/sitepress-multilingual-cms: <4.3.7
- wpackagist-plugin/strong-testimonials: <2.40.1
- wpackagist-plugin/testimonial-free: <2.2.0
- wpackagist-plugin/themegrill-demo-importer: <1.6.3
- wpackagist-plugin/tutor: <1.5.3
- wpackagist-plugin/ultimate-faqs: <1.8.30
- wpackagist-plugin/ultimate-member: <2.1.3
- wpackagist-plugin/users-customers-import-export-for-wp-woocommerce: <1.3.9
- wpackagist-plugin/videos-on-admin-dashboard: <1.1.4
- wpackagist-plugin/wd-google-maps: <1.0.64
- wpackagist-plugin/web-portal-lite-client-portal-secure-file-sharing-private-messaging: <=1.1.1
- wpackagist-plugin/woocommerce-conversion-tracking: <2.0.6
- wpackagist-plugin/wordpress-database-reset: <3.15
- wpackagist-plugin/wp-accessibility: <1.7.0
- wpackagist-plugin/wp-advanced-search: <3.3.7
- wpackagist-plugin/wp-central: <1.5.2
- wpackagist-plugin/wp-ds-faq-plus: <1.4.2
- wpackagist-plugin/wp-ecommerce-shop-styling: <=2.9.1
- wpackagist-plugin/wp-file-upload: <4.13.1
- wpackagist-plugin/wp-security-audit-log: <4.0.2
- wpackagist-plugin/wp-simple-spreadsheet-fetcher-for-google: <0.3.7
- wpackagist-plugin/wpforms-lite: <1.5.9
- wpackagist-plugin/wps-hide-login: <1.5.5
- wpackagist-plugin/wpvivid-backuprestore: <0.9.36
- wpackagist-plugin/xml-file-export-import-for-stampscom-and-woocommerce: <1.1.9
- wpackagist-theme/fruitful: <3.8.2
This package is auto-updated.
Last update: 2024-11-29 06:16:36 UTC
README
Inspired Roave/SecurityAdvisories, this package aims to provide rudimentary protection against installing known WordPress core packages, plugins, and themes.
This is a metapackage, which means it does not add any functional code to your application. This file is purely a JSON file that contains a list of package conflicts, which instructs composer to block installation of known vulnerable packages.
To make use of this, add this package to your composer setup:
composer require --dev phpwatch/wordpress-security-advisories:dev-master
After adding this package, if you try to require
a package with a known vulnerability, it will be blocked.
Adding new packages
Please send a PR. Please see the rules for the WordPress core package when writing your own conflict
rules.
Packages need to be in alphabetical order. The first two lines are reserved for WordPress core, followed by plugins, and themes at the end. An intentional new line is used to separate core, plugins, and themes.
I intend to keep this list for packages hosted in wordpress.org (thus, available at wpackagist
). For commercial plugins and themes hosted elsewhere, I suggest you offer your own update endpoints.
Coordinated security releases
If you would like to release a security vulnerability for your plugin, and would like to coordinate an update to the list, please do not create a PR/issue. Instead, please contact me with details mentioned in SECURITY.md file.