Plugin: Booking Ultra Pro Appointments Booking Calendar Plugin Vulnerability: Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdatesPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement. Plugin: Timeline […]
Plugin: Ultimate Blocks – WordPress Blocks Plugin Vulnerability: Authenticated(Contributor+) Stored Cross-Site Scripting via Multiple BlocksPatched Version: 3.2.0Recommended Action: Update to version 3.2.0, or a newer patched version Plugin: Cost Calculator Builder Vulnerability: Authenticated (Administrator+) Stored Cross-Site ScriptingPatched Version: 3.2.13Recommended Action: Update to version 3.2.13, or a newer patched version Plugin: LearnPress – WordPress LMS Plugin
Plugin: User Profile Picture Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdatePatched Version: 2.6.2Recommended Action: Update to version 2.6.2, or a newer patched version Plugin: ContentLock Vulnerability: Cross-Site Request Forgery to Group/Email DeletionPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on
Plugin: Auto Featured Image Vulnerability: Authenticated (Contributor+) Arbitrary File UploadPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement. Plugin: Elementor Addon Elements Vulnerability: Authenticated (Contributor+) Stored Cross-Site
Plugin: Auto Featured Image Vulnerability: Authenticated (Contributor+) Arbitrary File UploadPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement. Plugin: Elementor Addon Elements Vulnerability: Authenticated (Contributor+) Stored Cross-Site
Plugin: Auto Featured Image Vulnerability: Authenticated (Contributor+) Arbitrary File UploadPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement. Plugin: Elementor Addon Elements Vulnerability: Authenticated (Contributor+) Stored Cross-Site
Error: cURL error 28: Operation timed out after 5000 milliseconds with 5676680 out of 65905880 bytes received
Plugin: User Profile Picture Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdatePatched Version: 2.6.2Recommended Action: Update to version 2.6.2, or a newer patched version Plugin: ContentLock Vulnerability: Cross-Site Request Forgery to Group/Email DeletionPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on
Plugin: User Profile Picture Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdatePatched Version: 2.6.2Recommended Action: Update to version 2.6.2, or a newer patched version Plugin: ContentLock Vulnerability: Cross-Site Request Forgery to Group/Email DeletionPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on
Plugin: User Profile Picture Vulnerability: Authenticated (Author+) Insecure Direct Object Reference to Profile Picture UpdatePatched Version: 2.6.2Recommended Action: Update to version 2.6.2, or a newer patched version Plugin: ContentLock Vulnerability: Cross-Site Request Forgery to Group/Email DeletionPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on
