Patch Tuesday! 3/22/22

patch tuesday

Patch Tuesday! 3/22/22

Plugin: Daily Prayer Time

Vulnerability: SQL Injection

Patched Version: 2022.03.01

Recommended Action: Update the WordPress Daily Prayer Time plugin to the latest available version (at least 2022.03.01).

Plugin: Hummingbird

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 3.3.2

Recommended Action: Update the WordPress Hummingbird plugin to the latest available version (at least 3.3.2).

Plugin: Product Table for WooCommerce

Vulnerability: Other Vulnerability Type

Patched Version: 3.1.2

Recommended Action: Update the WordPress Product Table for WooCommerce plugin to the latest available version (at least 3.1.2).

Plugin: Ninja Forms

Vulnerability: Information Disclosure

Patched Version: 3.6.8

Recommended Action: Update the WordPress Ninja Forms plugin to the latest available version (at least 3.6.8).

Plugin: Loco Translate

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 2.6.1

Recommended Action: Update the WordPress Loco Translate plugin to the latest available version (at least 2.6.1).

Plugin: GS Variation Swatches for WooCommerce

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 1.6.0

Recommended Action: Update the WordPress GS Variation Swatches for WooCommerce plugin to the latest available version (at least 1.6.0).

Plugin: WP Downgrade

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 1.2.3

Recommended Action: Update the WordPress WP Downgrade plugin to the latest available version (at least 1.2.3).

Plugin: Easy Social Icons

Vulnerability: Other Vulnerability Type

Patched Version: 3.2.1

Recommended Action: Update the WordPress Easy Social Icons plugin to the latest available version (at least 3.2.1).

Plugin: Easy Social Icons

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 3.2.1

Recommended Action: Update the WordPress Easy Social Icons plugin to the latest available version (at least 3.2.1).

Plugin: Favicon

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 1.3.23

Recommended Action: Update the WordPress Favicon by RealFaviconGenerator plugin to the latest available version (at least 1.3.23).

Plugin: WPvivid Backup and Migration

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 0.9.70

Recommended Action: Update the WordPress Migration, Backup, Staging – WPvivid plugin to the latest available version (at least 0.9.70).

Plugin: Podcast Importer SecondLine

Vulnerability: SQL Injection

Patched Version: 1.3.8

Recommended Action: Update the WordPress Podcast Importer SecondLine plugin to the latest available version (at least 1.3.8).

Plugin: Easy Smooth Scroll Links – Smooth Scrolling Anchor ===pootlepress, shramee, jamesmarsland

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 2.23.1

Recommended Action: Update the WordPress Easy Smooth Scroll Links plugin to the latest available version (at least 2.23.1).

Plugin: Yoo Slider

Vulnerability: Cross Site Request Forgery (CSRF)

Patched Version: 2.1.0

Recommended Action: Update the WordPress Yoo Slider plugin to the latest available version (at least 2.1.0).

Plugin: Yoo Slider

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 2.1.0

Recommended Action: Update the WordPress Yoo Slider plugin to the latest available version (at least 2.1.0).

Plugin: Quick Adsense

Vulnerability: Other Vulnerability Type

Patched Version: 2.8.2

Recommended Action: Update the WordPress Quick Adsense plugin to the latest available version (at least 2.8.2).

Plugin: Export All URLs

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 4.2

Recommended Action: Update the WordPress Export All URLs plugin to the latest available version (at least 4.2).

Plugin: Export All URLs

Vulnerability: Cross Site Request Forgery (CSRF)

Patched Version: 4.3

Recommended Action: Update the WordPress Export All URLs plugin to the latest available version (at least 4.3).

Plugin: Optimole

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 3.3.2

Recommended Action: Update the WordPress Optimole plugin to the latest available version (at least 3.3.2).

Plugin: One Click Demo Import

Vulnerability: Arbitrary File Upload

Patched Version: 3.1.0

Recommended Action: Update the WordPress One Click Demo Import plugin to the latest available version (at least 3.1.0).

Plugin: FV Flowplayer Video Player

Vulnerability: SQL Injection

Patched Version: 7.5.18.727

Recommended Action: Update the WordPress FV Flowplayer Video Player plugin to the latest available version (at least 7.5.18.727).

Plugin: Download Manager

Vulnerability: Other Vulnerability Type

Patched Version: 3.2.39

Recommended Action: Update the WordPress Download Manager plugin to the latest available version (at least 3.2.39).

Plugin: iQ Block Country

Vulnerability: Arbitrary File Deletion

Patched Version: 1.2.13

Recommended Action: Update WordPress iQ Block Country plugin to the latest available version (at least 1.2.13).

Plugin: Responsive Menu

Vulnerability: Information Disclosure

Patched Version: 4.1.8

Recommended Action: Update the WordPress Responsive Menu plugin to the latest available version (at least 4.1.8).

Plugin: LearnPress

Vulnerability: Cross Site Scripting (XSS)

Patched Version: 4.1.6

Recommended Action: Update the WordPress LearnPress plugin to the latest available version (at least 4.1.6).

Plugin: StopBadBots

Vulnerability: SQL Injection

Patched Version: 6.930

Recommended Action: Update the WordPress Stop Bad Bots plugin to the latest available version (at least 6.930).

Odell Duppins Jr

WordPress Developer

No Comments

Sorry, the comment form is closed at this time.