Is this a Malware Bug in 3.12.3 of Events Pro?

  • Post date

Home Forums Calendar Products Events Calendar PRO Is this a Malware Bug in 3.12.3 of Events Pro?

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • October 15, 2015 at 1:45 pm #1015072
    Jay
    Participant

    Hi,

    My software just flagged this error:

    File contains suspected malware URL: /home/dailydf0/public_html/redwagonteamcom/wp-content/plugins/events-calendar-pro/vendor/lucatume/wp-browser/src/data/formatting/xssAttacks.xml

    Is this a bug?

    Jay

    October 15, 2015 at 1:46 pm #1015074
    Jay
    Participant

    This reply is private.

    October 15, 2015 at 2:09 pm #1015087
    Geoff
    Member

    Hi Jay,

    Man, thanks SO much for bringing this up!

    The good news is that there is no malware. You are totally fine.

    The bad news is that it looks like we errantly included some of the files we use in development in the final release and need to remove them and repackage the plugin.

    In the meantime, will you please revert back to 3.12.2? You can snag a copy of that here on this site by logging int and heading to My Account > Downloads.

    I’m so sorry for the trouble here but am thankful you brought it up early so we can fix it ASAP.

    Geoff

    October 15, 2015 at 2:39 pm #1015099
    Jay
    Participant

    I downloaded 3.12.2 and I can’t see the Events menu…just get these notices…Events is down when I reverted.

    To begin using Events Calendar PRO, please install the latest version of The Events Calendar.

    To begin using The Events Calendar: Facebook Events, please install the latest version of The Events Calendar.

    October 15, 2015 at 2:47 pm #1015101
    Geoff
    Member

    You’re still running The Events Calendar 3.12.3 and now have The Events Calendar PRO 3.12.2 in there, right? Make sure The Events Calendar is installed and activated to prevent those notices.

    October 15, 2015 at 4:13 pm #1015118
    Rob
    Member

    Hey Jay! Rob from Modern Tribe here. Just wanted to let you know that we just shipped an update (3.12.4) to address this issue. Check it out: https://theeventscalendar.com/release-events-calendar-pro-3-12-4/.

    Let us know if you see anything else and thanks again from all of us for reporting this.

    October 15, 2015 at 4:55 pm #1015133
    Bryan
    Participant

    Can I just delete the file xssAttacks.xml from the directory and wait for an automatic upgrade? This error gets called out by security software.

    October 16, 2015 at 6:45 am #1015222
    Geoff
    Member

    Sure, you could do that. However, I’d suggest installing the latest version (3.12.4) instead of touch any core files. You may as well install it manually if you’re planning on going into the directory any way. 🙂

    I’m going to go ahead and close this thread since the latest update addresses the issue that was reported here, but please do feel free to hit us up in a new thread if any other questions come up.

    Cheers!
    Geoff

  • Author
    Posts
Viewing 8 posts - 1 through 8 (of 8 total)
  • The topic ‘Is this a Malware Bug in 3.12.3 of Events Pro?’ is closed to new replies.