= 0. Status =
WPScan identified 14 vulnerabilities
= 1. Core Updates =
Updated core from 6.5.3 to 6.6.1
= 2. Removed plugins =
- "Slider Revolution" due to existing vulnerability
- "Essential Addons for Elementor - Pro" due to existing vulnerability
= 3. Plugin Updates (15 requested) =
- Updated "Activity Log" from 2.10.1 to 2.11.0
- Updated "Advanced Custom Fields" from 6.2.9 to 6.3.5
- Updated "All In One WP Security" from 5.3.0 to 5.3.2
- Updated "Custom Permalinks" from 2.5.2 to 2.6.0
- Updated "Duplica pagina" from 4.5.3 to 4.5.4
- Updated "Easy WP SMTP" from 2.3.0 to 2.4.1
- Updated "Elementor" from 3.21.6 to 3.23.4
- Updated "Elementor Addon Elements" from 1.13.5 to 1.13.6
- Updated "Essential Addons for Elementor" from 5.9.22 to 6.0.1
- Updated "GDPR Cookie Compliance" from 4.14.0 to 4.15.2
- Updated "Really Simple SSL" from 8.1.3 to 8.1.6
- Updated "Redirection" from 5.4.2 to 5.5.0
- Updated "W3 Total Cache" from 2.7.2 to 2.7.5
- Updated "Yoast SEO" from 22.7 to 23.3
== N.B.: some upgrades cannot be done ==
- The "BE Theme" licence is no longer valid; a new licence is required to update it. It costs ~78$/year
- The "WPBakery Page Builder" licence is no longer valid; a new licence is required to update it. It costs ~69$/lifetime
= 4. Theme updates (3 requested) =
- Updated Twenty Twenty-Four from 1.1 to 1.2
- Updated Twenty Twenty-Three from 1.4 to 1.5
= 5. Additional activities =
== 5.1 Security activities ==
- None
=== One-time activities ===
- None
=== Recurring activities ===
- Renamed "xmlrpc.php" to "donotpass_xmlrpc.php" (should be done on EVERY core update)
- Removed "readme.txt" (should be done on EVERY core update)
- Removed "license.txt" (should be done on EVERY core update)
- Removed "licenza.html" (should be done on EVERY core update)
N.B. The Gravity Form plugin cannot be automatically updated because it lacks a licence.
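The recurring steps listed above can be scripted so they are re-applied and verified after every core update. This is an added example, not part of the original report; the function names are hypothetical, and the WordPress root in the usage comment is taken from the path in the PHP warning quoted in section 6.3.

```shell
#!/bin/sh
# Added example: re-apply the recurring hardening steps after a core update.
# Usage (root path assumed from the warning in section 6.3):
#   sh harden.sh /var/www/wmi/wordpress

harden_wp_root() {
    root=$1
    # Refuse to touch a directory that is not a WordPress root.
    [ -f "$root/wp-load.php" ] || { echo "not a WordPress root: $root" >&2; return 2; }

    # A core update restores xmlrpc.php. Move it over any stale renamed
    # copy left from the previous run so only the current version remains.
    if [ -f "$root/xmlrpc.php" ]; then
        mv -f -- "$root/xmlrpc.php" "$root/donotpass_xmlrpc.php"
        echo "renamed xmlrpc.php to donotpass_xmlrpc.php"
    fi

    # Files restored by the update that should not stay in the web root.
    for f in readme.txt license.txt licenza.html; do
        if [ -e "$root/$f" ]; then
            rm -f -- "$root/$f"
            echo "removed $f"
        fi
    done
    return 0
}

check_wp_root() {
    # Returns 0 when none of the files is present, 1 otherwise.
    root=$1
    status=0
    for f in xmlrpc.php readme.txt license.txt licenza.html; do
        if [ -e "$root/$f" ]; then
            echo "still present: $f" >&2
            status=1
        fi
    done
    return $status
}

# Run only when a root directory is given on the command line.
if [ "$#" -gt 0 ]; then
    harden_wp_root "$1" && check_wp_root "$1"
fi
```

Running `check_wp_root` alone after an update shows which files were restored without changing anything.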
== 5.2 Spam Found ==
- No more spam found
== 5.3 Cookies ==
PLEASE CHECK with your legal consultant if the cookie banner is already mandatory.
Currently the website does not use any cookies.
= 6. Notices =
== 6.0 Licence renewals are required ==
- BE Theme
- WPBakery Page Builder
== 6.1 Too many editors are installed ==
The following editors are currently installed and in use on the wikimedia.it WordPress website:
- "Gutenberg", the default WordPress editor
- BE Editor
- Elementor
These editors are not fully compatible or interoperable. This means that choosing the wrong editor carries a high risk of breaking content and of creating inconsistent content.
== 6.2 Fragmented template elements and styles ==
Due to the WordPress architecture and the layering of maintenance and evolutionary changes, styles are currently spread across:
- WMI WordPress theme
- Inline WordPress styles
- Editors configurations (Elementor, BE)
- Plugins configurations (Smart Slider)
This configuration makes it hard to maintain and act on global styles while keeping a global aesthetic identity.
== 6.3 The Plugin "Wiki Embed" - https://it.wordpress.org/plugins/wiki-embed/ - is old and no longer maintained (9 years from the last update) ==
It causes a lot of PHP warnings:
Trying to access array offset on value of type bool in /var/www/wmi/wordpress/wp-content/plugins/wiki-embed/WikiEmbed.php on line 112
= 7. WPScan Reports =