Watch Out Wednesday - December 6, 2023

Plugin: Backup Migration

Vulnerability: Unauthenticated Arbitrary File Download to Sensitive Information Exposure
Patched Version: 1.3.7
Recommended Action: Update to version 1.3.7, or a newer patched version

Plugin: Contact Form 7

Vulnerability: Authenticated (Editor+) Arbitrary File Upload
Patched Version: 5.8.4
Recommended Action: Update to version 5.8.4, or a newer patched version

Plugin: Quotes for WooCommerce

Vulnerability: Missing Authorization
Patched Version: 2.0.2
Recommended Action: Update to version 2.0.2, or a newer patched version

Plugin: Quotes for WooCommerce

Vulnerability: Cross-Site Request Forgery
Patched Version: 2.0.2
Recommended Action: Update to version 2.0.2, or a newer patched version

Plugin: Debug Log Manager

Vulnerability: Cross-Site Request Forgery
Patched Version: 2.2.2
Recommended Action: Update to version 2.2.2, or a newer patched version

Plugin: Related Post

Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting
Patched Version: 2.0.54
Recommended Action: Update to version 2.0.54, or a newer patched version

Watch Out Wednesday – December 6, 2023

Plugin: Backup Migration

Plugin: Contact Form 7

Plugin: Quotes for WooCommerce

Plugin: Quotes for WooCommerce

Plugin: Debug Log Manager

Plugin: Related Post

Related Posts