Patch Tuesday! 2/16/22

patch tuesday

Patch Tuesday! 2/16/22

Plugin: WP Content Copy Protection & No Right Click
Vulnerability: Cross Site Request Forgery (CSRF)
Patched Version: 3.4.5
Recommended Action: Update the WordPress WP Content Copy Protection & No Right Click plugin to the latest available version (at least 3.4.5).

Plugin: WordPress Event Calendar (Spider Event Calendar)
Vulnerability: Cross Site Scripting (XSS)
Patched Version: None
Recommended Action: This plugin has been closed as of January 13, 2022 and is not available for download. This closure is permanent. Deactivate the plugin and delete it.

Plugin: Unreal FlipBook – WPBakery Addon
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 1.12.0
Recommended Action: Update the WordPress Unreal FlipBook plugin to the latest available version (at least 1.12.0).

Plugin: 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 1.12.0
Recommended Action: Update the WordPress 3D FlipBook plugin to the latest available version (at least 1.12.0).

Plugin: Sparkling
Vulnerability: Other Vulnerability Type
Patched Version: 2.4.9
Recommended Action: Update the WordPress Sparkling theme to the latest available version (at least 2.4.9).

Plugin: wpDiscuz
Vulnerability: Information Disclosure
Patched Version: 7.3.12
Recommended Action: Update the WordPress wpDiscuz plugin to the latest available version (at least 7.3.12).

Plugin: WP Statistics
Vulnerability: SQL Injection
Patched Version: 13.1.5
Recommended Action: Update the WordPress WP Statistics plugin to the latest available version (at least 13.1.5).

Plugin: Spiffy Calendar
Vulnerability: Cross Site Request Forgery (CSRF)
Patched Version: 4.9.1
Recommended Action: Update the WordPress Spiffy Calendar plugin to the latest available version (at least 4.9.1).

Plugin: Spiffy Calendar
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 4.9.1
Recommended Action: Update the WordPress Spiffy Calendar plugin to the latest available version (at least 4.9.1).

Plugin: Spiffy Calendar
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 4.9.1
Recommended Action: Update the WordPress Spiffy Calendar plugin to the latest available version (at least 4.9.1).

Plugin: Spiffy Calendar
Vulnerability: Cross Site Scripting (XSS)
Patched Version: 4.9.1
Recommended Action: Update the WordPress Spiffy Calendar plugin to the latest available version (at least 4.9.1).

Plugin: Spiffy Calendar
Vulnerability: Insecure Direct Object References (IDOR)
Patched Version: 4.9.1
Recommended Action: Update the WordPress Spiffy Calendar plugin to the latest available version (at least 4.9.1).

Odell Duppins Jr

WordPress Developer

No Comments

Sorry, the comment form is closed at this time.