Patch Tuesday

patch tuesday

Plugin: Daily Prayer Time Vulnerability: SQL Injection Patched Version: 2022.03.01 Recommended Action: Update the WordPress Daily Prayer Time plugin to the latest available version (at least 2022.03.01). Plugin: Hummingbird Vulnerability: Cross Site Scripting (XSS) Patched Version: 3.3.2 Recommended Action: Update the WordPress Hummingbird plugin to the latest available version (at least 3.3.2). Plugin: Product Table for WooCommerce Vulnerability: Other Vulnerability Type Patched Version: 3.1.2 Recommended Action: Update the WordPress Product Table for WooCommerce plugin to the...

Read More
patch tuesday

Plugin: Download Manager Vulnerability: Other Vulnerability Type Patched Version: 3.2.39 Recommended Action: Update the WordPress Download Manager plugin to the latest available version (at least 3.2.39). Plugin: iQ Block Country Vulnerability: Arbitrary File Deletion Patched Version: 1.2.13 Recommended Action: Update WordPress iQ Block Country plugin to the latest available version (at least 1.2.13). Plugin: Responsive Menu Vulnerability: Information Disclosure Patched Version: 4.1.8 Recommended Action: Update the WordPress Responsive Menu plugin to the latest available version (at...

Read More
patch tuesday

Plugin: Download Manager Vulnerability: Other Vulnerability Type Patched Version: 3.2.39 Recommended Action: Update the WordPress Download Manager plugin to the latest available version (at least 3.2.39). Plugin: iQ Block Country Vulnerability: Arbitrary File Deletion Patched Version: 1.2.13 Recommended Action: Update WordPress iQ Block Country plugin to the latest available version (at least 1.2.13). Plugin: Responsive Menu Vulnerability: Information Disclosure Patched Version: 4.1.8 Recommended Action: Update the WordPress Responsive Menu plugin to the latest available version (at...

Read More
patch tuesday

Plugin: WooCommerceVulnerability: Directory TraversalPatched Version: 6.2.1Recommended Action: Update the WordPress WooCommerce plugin to the latest available version (at least 6.2.1). Plugin: WooCommerceVulnerability: Other Vulnerability TypePatched Version: 6.2.1Recommended Action: Update the WordPress WooCommerce plugin to the latest available version (at least 6.2.1). Plugin: RW Divi Unite GalleryVulnerability: Bypass VulnerabilityPatched Version: NoneRecommended Action: Deactivate and delete. This plugin has been closed as of January 24, 2022 and is not...

Read More
patch tuesday

Plugin: WooCommerceVulnerability: Directory TraversalPatched Version: 6.2.1Recommended Action: Update the WordPress WooCommerce plugin to the latest available version (at least 6.2.1). Plugin: WooCommerceVulnerability: Other Vulnerability TypePatched Version: 6.2.1Recommended Action: Update the WordPress WooCommerce plugin to the latest available version (at least 6.2.1). Plugin: RW Divi Unite GalleryVulnerability: Bypass VulnerabilityPatched Version: NoneRecommended Action: Deactivate and delete. This plugin has been closed as of January 24, 2022 and is not...

Read More
patch tuesday

Plugin: WP Content Copy Protection & No Right ClickVulnerability: Cross Site Request Forgery (CSRF)Patched Version: 3.4.5Recommended Action: Update the WordPress WP Content Copy Protection & No Right Click plugin to the latest available version (at least 3.4.5). Plugin: WordPress Event Calendar (Spider Event Calendar)Vulnerability: Cross Site Scripting (XSS)Patched Version: NoneRecommended Action: This plugin has been closed as of January 13, 2022 and is not available for...

Read More
patch tuesday

Plugin: WP Spell CheckVulnerability: SQL InjectionPatched Version: 9.10Recommended Action: Update the WordPress WP Spell Check plugin to the latest available version (at least 9.10). Plugin: VossleVulnerability: Arbitrary File UploadPatched Version: 1.0.1Recommended Action: Update the WordPress Vossle plugin to the latest available version (at least 1.0.1). Plugin: Ad InserterVulnerability: Remote Code Execution (RCE)Patched Version: 2.7.11Recommended Action: Update the WordPress Ad Inserter plugin to the latest available version (at...

Read More
patch tuesday

Plugin: Download ManagerVulnerability: Information DisclosurePatched Version: 3.2.25Recommended Action: Update the WordPress Download Manager plugin to the latest available version (at least 3.2.25) Plugin: NotificationXVulnerability: SQL InjectionPatched Version: 2.3.9Recommended Action: Update the WordPress NotificationX plugin to the latest available version (at least 2.3.9). Plugin: Custom Content ShortcodeVulnerability: Other Vulnerability TypePatched Version: 4.0.0Recommended Action: Update the WordPress Custom Content Shortcode plugin to the latest available version (at least 4.0.0). Plugin:...

Read More
patch tuesday

Plugin: LearnPressVulnerability: Other Vulnerability TypePatched Version: 4.1.5Recommended Action: Update the WordPress LearnPress plugin to the latest available version (at least 4.1.5). Plugin: WP RSS AggregatorVulnerability: Cross Site Scripting (XSS)Patched Version: 4.20Recommended Action: Update the WordPress WP RSS Aggregator plugin to the latest available version (at least 4.20). Plugin: StatCounterVulnerability: Cross Site Scripting (XSS)Patched Version: 2.0.7Recommended Action: Update the WordPress StatCounter plugin to the latest available version (at...

Read More
patch tuesday

Plugin: Zero SpamVulnerability: SQL InjectionPatched Version: 5.2.10Recommended Action: Update the WordPress Zero Spam plugin to the latest available version (at least 5.2.10). Plugin: WOOCS – WooCommerce Currency SwitcherVulnerability: Cross Site Scripting (XSS)Patched Version: 1.3.7.5Recommended Action: Update the WordPress WOOCS – Currency Switcher for WooCommerce plugin to the latest available version (at least 1.3.7.5). Plugin: Shield SecurityVulnerability: Cross Site Scripting (XSS)Patched Version: 13.0.6Recommended Action: Update the WordPress Shield...

Read More