This update is for week 13 of 2022. This week Robert talks about high-risk vulnerabilities and WP-CLI. View this email in your browser (https://mailchi.mp/patchstack/14-vulnerabilities-that-affect-about-25-million-sites-4941872?e=89e008f344) Podcast Episode #16 Patchstack Weekly: New Set Of WP-CLI Security Commands Hi Coffigniez​, it's another week of Patchstack Weekly update. This week Robert talks about WordPress plugins with high-risk security bugs found in their code and introduces a new set of WP-CLI security commands. Learn more 👀 (https://patchstack.com/articles/patchstack-weekly-week-13-a-new-set-of-wp-cli-security-commands/) Vulnerability news ** Product Table for WooCommerce ------------------------------------------------------------ Vulnerability: Unauthenticated Arbitrary Function Call Fixed in version: 3.1.2 Number of sites affected: 8,000+ CVSS 3.0 score: 7.3 (High - Can be exploited remotely without any authentication.) ** Ad Injection ------------------------------------------------------------ Vulnerability: Unauthenticated SQL Injection (SQLi) Fixed in version: no known fix Number of sites affected: N/A CVSS 3.0 score: 7.5 (High - Requires high role user authentication like admin.) ** RSVP and Event Management Plugin ------------------------------------------------------------ Vulnerability: Unauthenticated Entries Export Fixed in version: 2.7.8 Number of sites affected: 5,000+ CVSS 3.0 score: 7.5 (High - Can be exploited remotely without any authentication.) If you are using any of the mentioned plugins, you need to update it to the latest version as soon as possible. Websites with Patchstack installed are protected from the security issues mentioned below. You can find all the vulnerabilities from our vulnerability database (https://patchstack.com/database/) . Always keep your plugins updated. If possible, enable automatic updates. You can enable automatic updates with Patchstack here (https://app.patchstack.com/components/updates) . If you are not protecting your WordPress site against plugin vulnerabilities yet go and start for free here (https://app.patchstack.com/register) . Are you on Facebook? Join the Patchstack community (https://www.facebook.com/groups/patchstackcommunity) and be the first to hear about new feature updates, news, and announcements. ============================================================ ** LinkedIn (https://www.linkedin.com/company/patchtsack) ** Facebook (https://www.facebook.com/patchstackapp) ** Twitter (https://twitter.com/patchstackapp) ** Spotify (https://open.spotify.com/show/1LsZ2aGUmw8ule2BHZHb0r?si=e9fe0ecb62014f91) Copyright © 2022 Patchstack, All rights reserved. You are receiving this email because you opted in via our website. Our mailing address is: Patchstack Akadeemia 1 Forwardspace Parnu 80011 Estonia Want to change how you receive these emails? You can ** update your preferences (https://patchstack.us7.list-manage.com/profile?u=7ea59008200002d7f0db008f6&id=5bd388ff7d&e=89e008f344&c=b903151bd3) or ** unsubscribe from this list (https://patchstack.us7.list-manage.com/unsubscribe?u=7ea59008200002d7f0db008f6&id=5bd388ff7d&e=89e008f344&c=b903151bd3) .