Patchstack Weekly security update for December 16th, 2021

View this email in your browser (https://mailchi.mp/patchstack/14-vulnerabilities-that-affect-about-25-million-sites-4941764?e=89e008f344)
Podcast Episode #2
Patchstack Weekly: Critical WordPress Vulnerabilities And Log4j

Hi Coffigniezâ, it's another week of Patchstack Weekly update. Now you can also find Patchstack Weekly from Spotify (https://open.spotify.com/show/1LsZ2aGUmw8ule2BHZHb0r?si=4b2b6ee22a1448cd) .

Patchstack Weekly is hosted and written by Robert from the Patchstack team.

It will give you weekly important information about vulnerabilities and also a little extra - something new to learn.
Image Hover Effects Ultimate

Vulnerability: Authentication Bypass (in versions <= 9.6.1)
Fixed in version: 9.6.2
Number of sites affected: 20,000+
CVSS 3.0 score: 9.8 (Critical - Can be exploited remotely without any authentication.)
All in One SEO Pack

Vulnerability: Authenticated Privilege Escalation
Fixed in version: 4.1.5.3
Number of sites affected: 3+ million
CVSS 3.0 score: 9.9 (Critical - Requires subscriber or higher role user authentication.)
The Plus Addons for Elementor Pro

Vulnerability: Unauthenticated SQL Injection (SQLi)
Fixed in version: 5.0.7
Number of sites affected: 50,000+
CVSS 3.0 score: 7.3 (High - Can be exploited remotely without any authentication.)
If you are using any of the mentioned plugins, you need to update it to the latest version as soon as possible. Websites with Patchstack installed are protected from the security issues mentioned below.

You can find all the vulnerabilities from our vulnerability database (https://patchstack.com/database/) .
Weekly knowledge about Log4j

In this week's session, Rober talks about the Log4j issue and how it has affected the world: "That's right, they wrote code to break into insecure systems and fix the problem." ð
Read & Listen The Episode (https://patchstack.com/articles/patchstack-weekly-week-50-wordpress-vulnerabilities-and-log4j/)
Always keep your plugins updated. If possible, enable automatic updates. You can enable automatic updates with Patchstack here (https://app.patchstack.com/components/updates) .

If you are not protecting your WordPress site against plugin vulnerabilities yet go and start for free here (https://app.patchstack.com/register) .

Are you on Facebook? Join the Patchstack community (https://www.facebook.com/groups/patchstackcommunity)  and be the first to hear about new feature updates, news, and announcements.

============================================================
** LinkedIn (https://www.linkedin.com/company/patchtsack)
** Facebook (https://www.facebook.com/patchstackapp)
** Twitter (https://twitter.com/patchstackapp)
** Spotify (https://open.spotify.com/show/1LsZ2aGUmw8ule2BHZHb0r?si=e9fe0ecb62014f91)
Copyright Â© 2021 Patchstack, All rights reserved.
 You are receiving this email because you opted in via our website.

Our mailing address is:
Patchstack
Akadeemia 1
Forwardspace
Parnu 80011
Estonia
Want to change how you receive these emails?
You can ** update your preferences (https://patchstack.us7.list-manage.com/profile?u=7ea59008200002d7f0db008f6&id=5bd388ff7d&e=89e008f344&c=df9f9c1d9b)
or ** unsubscribe from this list (https://patchstack.us7.list-manage.com/unsubscribe?u=7ea59008200002d7f0db008f6&id=5bd388ff7d&e=89e008f344&c=df9f9c1d9b)
.