Watch Out Wednesday

Plugin: Language Translate Widget for WordPress – ConveyThis Vulnerability: Unauthenticated Stored Cross-Site Scripting via api_keyPatched Version: 224Recommended Action: Update to version 224, or a newer patched version Plugin: Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider ShortcodePatched Version: 3.70.1Recommended Action: Update to version 3.70.1, or […]

Error: cURL error 28: Operation timed out after 5000 milliseconds with 30285448 out of 58186273 bytes received

Plugin: BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin Vulnerability: Authenticated (Admin+) Arbitrary File UploadPatched Version: 1.0.88Recommended Action: Update to version 1.0.88, or a newer patched version Plugin: Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) Vulnerability: Sensitive Information ExposurePatched Version: 3.2.10Recommended Action: Update to version

Error: cURL error 28: Operation timed out after 5003 milliseconds with 27074949 out of 58127520 bytes received

Error: cURL error 28: Operation timed out after 5000 milliseconds with 18595472 out of 56187900 bytes received

Plugin: Ultimate Bootstrap Elements for Elementor Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Image WidgetPatched Version: n/aRecommended Action: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement. Plugin: Exclusive Addons for

Plugin: Maintenance Page Vulnerability: Missing Authorization to Sensitive Information ExposurePatched Version: 1.0.9Recommended Action: Update to version 1.0.9, or a newer patched version Plugin: Elementor Addon Elements Vulnerability: Directory Traversal to Local File InclusionPatched Version: 1.13Recommended Action: Update to version 1.13, or a newer patched version Plugin: Colibri Page Builder Vulnerability: Cross-Site Request Fogery via extend_builderPatched

Error: cURL error 28: Operation timed out after 5000 milliseconds with 4480648 out of 54566628 bytes received

Plugin: Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin Vulnerability: 2.8.2Patched Version: 2.8.3Recommended Action: Update to version 2.8.3, or a newer patched version Plugin: Orbit Fox by ThemeIsle Vulnerability: Authenticated (Contributor+) Stored Cross-Site ScriptingPatched Version: 2.10.32Recommended Action: Update to version 2.10.32, or a newer patched version Plugin: Categorify –

Plugin: Premium Addons for Elementor Vulnerability: Authenticated (Contributor+) Stored Cross-Site ScriptingPatched Version: 4.10.19Recommended Action: Update to version 4.10.19, or a newer patched version Plugin: Sydney Toolbox Vulnerability: Authenticated (Contributor+) Stored Cross-Site ScriptingPatched Version: 1.26Recommended Action: Update to version 1.26, or a newer patched version Plugin: EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos,