Watch Out Wednesday – December 27, 2023
Error: cURL error 28: Operation timed out after 5000 milliseconds with 30237810 out of 50741328 bytes received
Watch Out Wednesday – December 20, 2023
Plugin: E2Pdf – Export To Pdf Tool for WordPress Vulnerability: Authenticated (Administrator+) Arbitrary File UploadPatched Version: 1.20.26Recommended Action: Update to version 1.20.26, or a newer patched version Plugin: Image horizontal reel scroll slideshow Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodePatched Version: 13.4Recommended Action: Update to version 13.4, or a newer patched version Plugin: Simple
Watch Out Wednesday – December 20, 2023
Plugin: E2Pdf – Export To Pdf Tool for WordPress Vulnerability: Authenticated (Administrator+) Arbitrary File UploadPatched Version: 1.20.26Recommended Action: Update to version 1.20.26, or a newer patched version Plugin: MW WP Form Vulnerability: Improper Limitation of File Name to Unauthenticated Arbitrary File DeletionPatched Version: 5.0.4Recommended Action: Update to version 5.0.4, or a newer patched version Plugin:
Watch Out Wednesday – December 6, 2023
Plugin: Backup Migration Vulnerability: Unauthenticated Arbitrary File Download to Sensitive Information ExposurePatched Version: 1.3.7Recommended Action: Update to version 1.3.7, or a newer patched version Plugin: Guest Author Vulnerability: Authenticated Stored Cross-Site ScriptingPatched Version: 2.4Recommended Action: Update to version 2.4, or a newer patched version Plugin: Abandoned Cart Lite for WooCommerce Vulnerability: Cross-Site Request ForgeryPatched Version:
Watch Out Wednesday – December 6, 2023
Plugin: Backup Migration Vulnerability: Unauthenticated Arbitrary File Download to Sensitive Information ExposurePatched Version: 1.3.7Recommended Action: Update to version 1.3.7, or a newer patched version Plugin: Guest Author Vulnerability: Authenticated Stored Cross-Site ScriptingPatched Version: 2.4Recommended Action: Update to version 2.4, or a newer patched version Plugin: Abandoned Cart Lite for WooCommerce Vulnerability: Cross-Site Request ForgeryPatched Version:
Watch Out Wednesday – December 6, 2023
Plugin: Backup Migration Vulnerability: Unauthenticated Arbitrary File Download to Sensitive Information ExposurePatched Version: 1.3.7Recommended Action: Update to version 1.3.7, or a newer patched version Plugin: Contact Form 7 Vulnerability: Authenticated (Editor+) Arbitrary File UploadPatched Version: 5.8.4Recommended Action: Update to version 5.8.4, or a newer patched version Plugin: Quotes for WooCommerce Vulnerability: Missing AuthorizationPatched Version: 2.0.2Recommended