Newly added security tests, October 4, 2017: WordPress and Magento vulnerabilities

Detectify's latest update includes new checks for multiple WordPress plugin vulnerabilities and two Magento security tests. The additions cover a range of WordPress issues, such as authenticated open redirects, SQL injection, authentication bypass, cross-site scripting (XSS), and cross-site request forgery (CSRF) vulnerabilities across various plugins like gallery-album, theme-my-login, simple-membership, my-wp-translate, duplicate-page, my-tickets, wp-members, megamenu, and caldera-forms. Additionally, the update introduces Magento security checks for SUPEE-6285 (APPSEC-996) related to orders disclosure and SUPEE-5994 (APPSEC-977) concerning admin path disclosure.