Watch Out Wednesday – May 22, 2024
Error: cURL error 28: Operation timed out after 5000 milliseconds with 41522290 out of 63206854 bytes received
Watch Out Wednesday – May 15, 2024
Plugin: Breakdance Vulnerability: Authenticated (Contributor+) Remote Code ExecutionPatched Version: 1.7.2Recommended Action: Update to version 1.7.2, or a newer patched version Plugin: White Label CMS Vulnerability: Missing Authorization to Plugin Settings ResetPatched Version: 2.7.4Recommended Action: Update to version 2.7.4, or a newer patched version Plugin: Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits &
Watch Out Wednesday – May 8, 2024
Plugin: 3D FlipBook – PDF Flipbook WordPress Vulnerability: Authenticated (Author+) Stored Cross-Site Scritping via Bookmark URLPatched Version: 1.15.5Recommended Action: Update to version 1.15.5, or a newer patched version Plugin: HT Mega – Absolute Addons For Elementor Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery JustifyPatched Version: 2.5.1Recommended Action: Update to version 2.5.1, or a newer
Watch Out Wednesday – May 8, 2024
Error: cURL error 28: Operation timed out after 5000 milliseconds with 5901976 out of 61598843 bytes received
Watch Out Wednesday – May 8, 2024
Plugin: 3D FlipBook – PDF Flipbook WordPress Vulnerability: Authenticated (Author+) Stored Cross-Site Scritping via Bookmark URLPatched Version: 1.15.5Recommended Action: Update to version 1.15.5, or a newer patched version Plugin: ConvertPlug Vulnerability: Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options UpdatePatched Version: 3.5.26Recommended Action: Update to version 3.5.26, or a newer patched version Plugin: Elementor Website
Watch Out Wednesday – May 1, 2024
Plugin: Photo Gallery – GT3 Image Gallery & Gutenberg Block Gallery Vulnerability: GT3 Image Gallery & Gutenberg Block Gallery <= 2.7.7.21Patched Version: 2.7.7.22Recommended Action: Update to version 2.7.7.22, or a newer patched version Plugin: PDF Invoices & Packing Slips for WooCommerce Vulnerability: Unauthenticated Server-Side Request ForgeryPatched Version: 3.8.1Recommended Action: Update to version 3.8.1, or a
Watch Out Wednesday – April 17, 2024
Plugin: Language Translate Widget for WordPress – ConveyThis Vulnerability: Unauthenticated Stored Cross-Site Scripting via api_keyPatched Version: 224Recommended Action: Update to version 224, or a newer patched version Plugin: Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows Vulnerability: Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider ShortcodePatched Version: 3.70.1Recommended Action: Update to version 3.70.1, or
Watch Out Wednesday – April 17, 2024
Error: cURL error 28: Operation timed out after 5000 milliseconds with 30285448 out of 58186273 bytes received
Watch Out Wednesday – April 10, 2024
Plugin: BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin Vulnerability: Authenticated (Admin+) Arbitrary File UploadPatched Version: 1.0.88Recommended Action: Update to version 1.0.88, or a newer patched version Plugin: Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) Vulnerability: Sensitive Information ExposurePatched Version: 3.2.10Recommended Action: Update to version
Watch Out Wednesday – April 10, 2024
Error: cURL error 28: Operation timed out after 5003 milliseconds with 27074949 out of 58127520 bytes received