Joel

Author Since: September 28, 2022
More August 2021 Plugin Vulnerabilities

Is your site up to date? Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable! Sitewide Notice WP Plugin: Sitewide Notice WP Vulnerability: Authenticated Stored XSS Patched in Version: 2.3 Business Hours Indicator Plugin: Business Hours Indicator  Vulnerability: Authenticated Stored XSS Patched in Version: 2.3.5 Severity Score: Low Bold Page Builder....

August 2021 Plugin Vulnerabilities

Is your site up to date? Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable! Simple Banner Plugin: Simple Banner Vulnerability: Authenticated Stored XSS Patched in Version: 2.10.4 Severity Score: Low HD Quiz Plugin: HD Quiz Vulnerability: Authenticated Stored XSS Patched in Version: 1.8.4 Severity Score: Low Contact Form 7 Captcha Plugin: Contact Form....

End of July 2021 Plugin Vulnerabilities

Is your site up to date? Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable! #1 VDZ Verification Plugin: VDZ Verification Vulnerability: Authenticated Stored XSS Patched in Version: 1.4 #2 VDZ CallBack Plugin: VDZ CallBack Vulnerability: Authenticated Stored XSS Patched in Version: 1.1.4.6 #3 Wonder PDF Embed Plugin: Wonder PDF....

July 2021 Plugin Vulnerabilities & WooCommerce News

Is your site up to date? Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable! #1 WooCommerce Plugin: WooCommerce 3.3 to 5.5 Vulnerability: Authenticated SQL Injection Patched in Version: 5.5.1 See our post for details #2 WooCommerce Blocks Plugin: WooCommerce Blocks 2.5 to 5.5 Vulnerability: Unauthenticated SQL Injection Patched in Version: 5.5.1 See....

Security Hole in WooCommerce

UPDATED JULY 16 2021 The Core WooCommerce development team released WooCommerce version 5.5.0 on July 13th.  After the release, a  vulnerability was reported  by security researcher Josh, via HackerOne (https://hackerone.com/automattic) For WP Concierges, WooCommerce has always been a secure and safe way to do ecommerce for any size business and we still feel confident in....

Jan 2021 Plugin vulnerabilities

Is your site up to date? Outdated plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable! 1. LiteSpeed Cache – Low LiteSpeed Cache versions below 3.6.1 have an Authenticated Stored Cross-Site Scripting vulnerability. The vulnerability is patched, and you should update to version 3.6.1. 2. Newsletter Manager – High All versions of Newsletter Manager have....

More December Vulnerabilities

Is your site up to date? Outdated plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable! 1. DiveBook DiveBook versions below 1.1.4 have an Improper Authorization Check, Unauthenticated SQL Injection, & Unauthenticated Reflected XSS vulnerabilities.  Remove the plugin until a security fix is released.   2. Pagelayer Pagelayer versions below 1.3.5....

Dec 2020 WordPress Plugin Vulnerabilities

  WordPress Plugin Vulnerabilities   1. WPJobBoard WPJobBoard versions below 5.7.0 have Unauthenticated SQL Injection, Reflected XSS, & XFS vulnerabilities. The vulnerability is patched, and you should update to version 5.7.0.   2. WP Google Map Plugin WP Google Map Plugin versions below 4.1.4 have an Authenticated SQL Injection vulnerability. The vulnerability is patched, and you should update to....

November 2020 Vulnerabilities

WordPress Core Vulnerabilities WordPress 5.5.2 was released on October 29th and included 10 WordPress core security fixes. Here is the list of security fixes mentioned in the WordPress 5.5.2 release post. Hardened deserialization requests. Fix to disable spam embeds from disabled sites on a multisite network. Fixed a security issue that could lead to an XSS from global....