Detected the problem

[danibuu]

Hello guys,
Jetpack plugin detected the problem below in the wplms-attendance plugin.
See the message:
The tcpdf_static.php file contains a malicious code pattern
Threat found (Vulnerable.TCPDF.Library)
What’s the problem?

TCPDF is a popular library used by many theme and plugin developers to handle or create PDFs. An older version of this library has a known security vulnerability, and was detected being used. Update the plugin or theme using it, or contact the author.

The technical details

Threat found in the file:
plugins/wplms-attendance/tcpdf/include/tcpdf_static.php

[Diana]

This reply has been marked as private.

[danibuu]

Hi Diana,
You can now normally access the site.

[Diana]

There is no member layout on your site, which simply means it will not load the “members area” from where we can manage the courses

Hence, I cannot check the CSS issue of calendar, because I can’t even access the page

[danibuu]

Hello,
You can check now.

[Diana]

This reply has been marked as private.

[danibuu]

This reply has been marked as private.

[Diana]

Added the trello card here: https://trello.com/c/9GW1D8XS/2763-issue-tcpdf-library-issue-in-wplms-attendance-addon

And found this article: https://www.zdnet.com/article/severe-security-bug-found-in-popular-php-library-for-creating-pdf-files/

We need to update the TCPDF library to resolve this