

Plugins advice




Resource Intensive

  • WP-Cron plugin
  • Google Sitemap plugin
  • Most SEO plugins
  • Some image galleries and media players are intensive, but this largely depends on how you use them.

Resource Friendly

  • WP Super Cache plugin
  • podPress plugin

Here is a list of some WordPress plugin exploits which were released within the last year:

2009-07-15 WordPress Plugin My Category Order <= 2.8 SQL Injection Vulnerability
2009-07-10 WordPress Privileges Unchecked in admin.php and Multiple Information
2009-06-30 WordPress Plugin Related Sites 2.1 Blind SQL Injection Vulnerability
2009-06-30 WordPress Plugin DM Albums 1.9.2 Remote File Disclosure Vulnerability
2009-06-29 WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln
2009-06-15 WordPress Plugin Photoracer 1.0 (id) SQL Injection Vulnerability
2009-05-26 Wordpress Plugin Lytebox (wp-lytebox) Local File Inclusion Vulnerability
2009-03-17 Wordpress Plugin fMoblog 2.1 (id) SQL Injection Vulnerability
2009-03-10 Wordpress MU < 2.7 'HOST' HTTP Header XSS Vulnerability
2009-01-12 Wordpress plugin WP-Forum 1.7.8 Remote SQL Injection Vulnerability
2008-12-22 Wordpress Plugin Page Flip Image Gallery <= 0.2.2 Remote FD Vuln
2008-10-29 Wordpress Plugin e-Commerce <= 3.4 Arbitrary File Upload Exploit
2008-10-26 WordPress Media Holder (mediaHolder.php id) SQL Injection Vuln
2008-10-17 Wordpress Plugin st_newsletter (stnl_iframe.php) SQL Injection Vuln
2008-09-10 Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
2008-09-07 Wordpress 2.6.1 SQL Column Truncation Vulnerability
2008-07-24 Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit

Here are some Joomla plugins which had security holes in the past year:

2009-07-17 Joomla Component Jobline <= 1.3.1 Blind SQL Injection Vulnerability
2009-07-11 Joomla Component com_category (catid) SQL Injection Vulnerability
2009-07-10 Joomla Component com_propertylab (auction_id) SQL injection Vuln
2009-06-29 Joomla com_bookflip (book_id) Remote SQL Injection Vulnerability
2009-06-29 Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln
2009-06-29 Joomla Component com_php (id) Blind SQL Injection Vulnerability
2009-06-25 Joomla Component com_pinboard (task) SQL Injection Exploit
2009-06-24 Joomla Component com_amocourse (catid) SQL Injection Vuln
2009-06-24 Joomla Component com_pinboard Remote File Upload Vulnerability
2009-06-22 Joomla Component com_tickets <= 2.1 (id) SQL Injection Vuln
2009-06-15 Joomla Component com_jumi (fileid) Blind SQL Injection Exploit
2009-06-15 Joomla Component com_ijoomla_rss Blind SQL Injection Exploit
2009-06-15 Joomla Component com_Projectfork 2.0.10 Local File Inclusion Vuln
2009-06-09 Joomla Component com_vehiclemanager 1.0 RFI Vulnerability
2009-06-09 Joomla Component com_realestatemanager 1.0 RFI Vulnerability
2009-06-09 Joomla Component com_media_library 1.5.3 RFI Vulnerability
2009-06-09 Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability
2009-06-09 Joomla Component BookLibrary 1.5.2.4 Remote File Inclusion Vuln
2009-06-08 Joomla Component com_portafolio (cid) SQL injection Vulnerability
2009-06-08 Joomla Component MooFAQ (com_moofaq) LFI Vulnerability
2009-06-08 Joomla Component com_school 1.4 (classid) SQL Injection Vulnerability
2009-06-03 Joomla Component com_mosres Multiple SQL Injection Vulnerabilities
2009-06-03 Joomla Omilen Photo Gallery 0.5b Local File Inclusion Vulnerability
2009-06-03 Joomla Component Seminar 1.28 (id) Blind SQL Injection Exploit
2009-06-01 Joomla Component Joomlaequipment 2.0.4 (com_juser) SQL Injection
2009-05-29 Joomla Component JVideo 0.3.x SQL Injection Vulnerability
2009-05-27 Joomla Component AgoraGroup 0.3.5.3 Blind SQL Injection Vulnerability
2009-05-26 Joomla Component Com_Agora 3.0.0 RC1 Remote File Upload Vulnerability
2009-05-26 Joomla Component com_rsgallery2 1.14.x/2.x Remote Backdoor Vuln
2009-05-26 Joomla Boy Scout Advancement 0.3 (id) SQL Injection Exploit
2009-05-20 Joomla Casino 0.3.1 Multiple SQL Injection Exploits
2009-05-19 Joomla com_gsticketsystem (catid) Blind SQL Injection Exploit
2009-05-15 Joomla Component ArtForms 2.1 b7 Remote File Inclusion Vulnerabilities
2009-05-05 Joomla Almond Classifieds 5.6.2 Blind SQL Injection Vuln
2009-04-22 Joomla Component rsmonials Remote Cross Site Scripting Exploit
2009-04-08 Joomla Component Cmimarketplace (viewit) Directory Traversal Vuln
2009-04-08 Joomla Component MailTo (article) SQL Injection Vulnerability
2009-04-08 Joomla Component Maian Music 1.2.1 (category) SQL Injection Vuln
2009-04-06 Joomla Component com_bookjoomlas 0.1 SQL Injection Vulnerability
2009-03-10 Joomla Djice Shoutbox 1.0 Permanent XSS Vulnerability
2009-03-05 Joomla com_ijoomla_archive Blind SQL Injection Exploit
2009-03-02 Joomla/Mambo Component eXtplorer Code Execution Vulnerability
2009-03-02 Joomla com_digistore (pid) Blind SQL Injection Exploit
2009-01-26 Joomla com_flashmagazinedeluxe (mag_id) SQL Injection Vulnerability
2009-01-21 Joomla Component beamospetition 1.0.12 SQL Injection / XSS
2009-01-21 Joomla com_pcchess (game_id) Blind SQL Injection Exploit
2009-01-21 Joomla Com BazaarBuilder Shopping Cart v.5.0 SQL Injection Exploit
2009-01-19 Joomla com_waticketsystem Blind SQL Injection Exploit
2009-01-19 Joomla Component com_news SQL Injection Vulnerability
2009-01-19 Joomla com_pccookbook (recipe_id) Blind SQL Injection Exploit
2009-01-18 Joomla Component Gigcal 1.x (id) SQL Injection Vulnerability
2009-01-15 Joomla Component RD-Autos 1.5.5 (id) SQL Injection Vulnerability
2009-01-15 Joomla com_Eventing 1.6.x Blind SQL Injection Exploit
2009-01-14 Joomla Component Fantasytournament SQL Injection Vulnerabilities
2009-01-14 Joomla Component Camelcitydb2 2.2 SQL Injection Vulnerabilities
2009-01-13 Joomla Component com_gigcal (gigcal_gigs_id) SQL Injection Vuln
2009-01-12 Joomla Component Portfol (vcatid) SQL Injection Vulnerability
2009-01-11 Joomla com_newsflash (id) Remote SQL Injection Vulnerability
2009-01-11 Joomla com_jashowcase (catid) Remote SQL Injection Exploit
2009-01-11 Joomla com_xevidmegahd (catid) Remote SQL Injection Exploit
2009-01-07 Joomla <= 1.5.8 (xstandard editor) Local Directory Traversal Vulnerability
2009-01-05 Joomla com_phocadocumentation (id) Remote SQL Injection Exploit
2009-01-05 Joomla com_na_newsdescription (newsid) SQL Injection Exploit
2009-01-05 Joomla Component simple_review 1.x SQL Injection Vulnerability
2008-12-29 Joomla Component com_na_content 1.0 Blind SQL Injection Vulnerability
2008-12-28 Joomla Component PAX Gallery 0.1 Blind SQL Injection Vulnerability
2008-12-24 Joomla Component 5starhotels (id) SQL Injection Exploit
2008-12-24 Joomla Component mdigg 2.2.8 (category) SQL Injection Vuln
2008-12-24 Joomla Component Live Ticker 1.0 (tid) Blind SQL Injection Vuln
2008-12-24 Joomla Component Ice Gallery 0.5b2 (catid) Blind SQL Injection Vuln
2008-12-23 Joomla Component com_allhotels (id) Blind SQL Injection Vulnerability
2008-12-23 Joomla Component com_lowcosthotels (id) Blind SQL Injection Vuln
2008-12-22 Joomla Component Volunteer 2.0 (job_id) SQL Injection Vulnerability
2008-12-21 Joomla Component com_tophotelmodule 1.0 Blind SQL Injection Vuln
2008-12-21 Joomla Component com_hbssearch 1.0 Blind SQL Injection Vuln
2008-12-17 Joomla Component Tech Article 1.x (item) SQL Injection Vulnerability
2008-12-12 Joomla Live Chat (SQL/Proxy) Multiple Remote Vulnerabilities
2008-12-04 Joomla Component mydyngallery 1.4.2 (directory) SQL Injection Vuln
2008-12-03 Joomla Component com_jmovies 1.1 (id) SQL Injection Exploit
2008-11-21 Joomla Component Thyme 1.0 (event) SQL Injection Vulnerability
2008-11-11 Joomla Component com_marketplace 1.2.1 (catid) SQL Injection Vuln
2008-11-11 Joomla Component Simple RSS Reader 1.0 RFI Vulnerability
2008-11-11 Joomla/Mambo com_catalogproduction (id) SQL Injection Vulnerability
2008-11-11 Joomla Component Contact Info 1.0 SQL Injection Vulnerability
2008-11-11 Joomla Component com_books (book_id) SQL Injection Vulnerability
2008-11-10 Joomla Component JooBlog 0.1.1 (PostID) SQL Injection Vulnerability
2008-11-07 Joomla Component Feederator 1.0.5 Multiple RFI Vulnerabilities
2008-11-07 Joomla Component Recly!Competitions 1.0.0 Multiple RFI Vulnerabilities
2008-11-07 Joomla Component Clickheat 1.0.1 Multiple RFI Vulnerabilities
2008-11-05 Joomla Component Dada Mail Manager 2.6 RFI Vulnerability
2008-11-04 Joomla Component ProDesk 1.0/1.2 Local File Inclusion Vulnerability
2008-11-04 Joomla Component ongumatimesheet20 4b RFI Vulnerability
2008-11-04 Joomla Component VirtueMart Google Base 1.1 RFI Vulnerability
2008-11-01 Joomla Component Flash Tree Gallery 1.0 RFI Vulnerability
2008-10-24 Joomla Component Kbase 1.0 Remote SQL Injection Vulnerability
2008-10-24 Joomla Component Archaic Binary Gallery 0.2 Directory Traversal Vuln
2008-10-23 Joomla Component RWCards 3.0.11 Local File Inclusion Vulnerability
2008-10-22 Joomla Component ionFiles 4.4.2 File Disclosure Vulnerability
2008-10-22 Joomla Component Daily Message 1.0.3 (id) SQL Injection Vuln
2008-10-20 Joomla Component ds-syndicate (feed_id) SQL Injection Vulnerability

