Home › Forums › Calendar Products › Events Calendar PRO › Is this a Malware Bug in 3.12.3 of Events Pro?
- This topic has 7 replies, 4 voices, and was last updated 8 years, 6 months ago by Geoff.
-
AuthorPosts
-
October 15, 2015 at 1:45 pm #1015072JayParticipant
Hi,
My software just flagged this error:
File contains suspected malware URL: /home/dailydf0/public_html/redwagonteamcom/wp-content/plugins/events-calendar-pro/vendor/lucatume/wp-browser/src/data/formatting/xssAttacks.xml
Is this a bug?
Jay
October 15, 2015 at 1:46 pm #1015074JayParticipantThis reply is private.
October 15, 2015 at 2:09 pm #1015087GeoffMemberHi Jay,
Man, thanks SO much for bringing this up!
The good news is that there is no malware. You are totally fine.
The bad news is that it looks like we errantly included some of the files we use in development in the final release and need to remove them and repackage the plugin.
In the meantime, will you please revert back to 3.12.2? You can snag a copy of that here on this site by logging int and heading to My Account > Downloads.
I’m so sorry for the trouble here but am thankful you brought it up early so we can fix it ASAP.
Geoff
October 15, 2015 at 2:39 pm #1015099JayParticipantI downloaded 3.12.2 and I can’t see the Events menu…just get these notices…Events is down when I reverted.
To begin using Events Calendar PRO, please install the latest version of The Events Calendar.
To begin using The Events Calendar: Facebook Events, please install the latest version of The Events Calendar.
October 15, 2015 at 2:47 pm #1015101GeoffMemberYou’re still running The Events Calendar 3.12.3 and now have The Events Calendar PRO 3.12.2 in there, right? Make sure The Events Calendar is installed and activated to prevent those notices.
October 15, 2015 at 4:13 pm #1015118RobMemberHey Jay! Rob from Modern Tribe here. Just wanted to let you know that we just shipped an update (3.12.4) to address this issue. Check it out: https://theeventscalendar.com/release-events-calendar-pro-3-12-4/.
Let us know if you see anything else and thanks again from all of us for reporting this.
October 15, 2015 at 4:55 pm #1015133BryanParticipantCan I just delete the file xssAttacks.xml from the directory and wait for an automatic upgrade? This error gets called out by security software.
October 16, 2015 at 6:45 am #1015222GeoffMemberSure, you could do that. However, I’d suggest installing the latest version (3.12.4) instead of touch any core files. You may as well install it manually if you’re planning on going into the directory any way. 🙂
I’m going to go ahead and close this thread since the latest update addresses the issue that was reported here, but please do feel free to hit us up in a new thread if any other questions come up.
Cheers!
Geoff -
AuthorPosts
- The topic ‘Is this a Malware Bug in 3.12.3 of Events Pro?’ is closed to new replies.