Plugin: User Profile Picture Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdatePatched Version: 2.6.2Recommended Action: Update to version 2.6.2, or a newer patched version Plugin: ContentLock Vulnerability: Cross-Site Request Forgery to Group/Email DeletionPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on […]
Plugin: User Profile Picture Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdatePatched Version: 2.6.2Recommended Action: Update to version 2.6.2, or a newer patched version Plugin: ContentLock Vulnerability: Cross-Site Request Forgery to Group/Email DeletionPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on
Plugin: User Profile Picture Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdatePatched Version: 2.6.2Recommended Action: Update to version 2.6.2, or a newer patched version Plugin: ContentLock Vulnerability: Cross-Site Request Forgery to Group/Email DeletionPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on
Error: cURL error 28: Operation timed out after 5000 milliseconds with 5676680 out of 65905880 bytes received
Plugin: Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer Vulnerability: Missing AuthorizationPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.
Error: cURL error 28: Operation timed out after 5000 milliseconds with 7577224 out of 65701280 bytes received
Plugin: Popup Builder – Create highly converting, mobile friendly marketing popups. Vulnerability: Missing Authorization in Multiple AJAX ActionsPatched Version: 4.3.2Recommended Action: Update to version 4.3.2, or a newer patched version Plugin: FooEvents for WooCommerce Vulnerability: Improper Authorization to (Contributor+) Arbitrary File UploadPatched Version: 1.19.21Recommended Action: Update to version 1.19.21, or a newer patched version Plugin:
Plugin: Page Builder Gutenberg Blocks – CoBlocks Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Social ProfilesPatched Version: 3.1.10Recommended Action: Update to version 3.1.10, or a newer patched version Plugin: Responsive Owl Carousel for Elementor Vulnerability: Local File InclusionPatched Version: 1.2.1Recommended Action: Update to version 1.2.1, or a newer patched version Plugin: Simple Like Page Plugin
