Watch Out Wednesday – September 18, 2024

Plugin: amCharts: Charts and Maps

Vulnerability: Reflected Cross-Site Scripting via Cross-Site Request Forgery
Patched Version: 1.4.5
Recommended Action: Update to version 1.4.5, or a newer patched version

Plugin: LearnPress – WordPress LMS Plugin

Vulnerability: Unauthenticated SQL Injection via ‘c_fields’
Patched Version: 4.2.7.1
Recommended Action: Update to version 4.2.7.1, or a newer patched version

Plugin: LearnPress – WordPress LMS Plugin

Vulnerability: Unauthenticated SQL Injection via ‘c_only_fields’
Patched Version: 4.2.7.1
Recommended Action: Update to version 4.2.7.1, or a newer patched version