Viewing 8 posts - 1 through 8 (of 8 total)
The topic ‘Detected the problem’ is closed to new replies.
Hello guys,
Jetpack plugin detected the problem below in the wplms-attendance plugin.
See the message:
The tcpdf_static.php file contains a malicious code pattern
Threat found (Vulnerable.TCPDF.Library)
What’s the problem?
TCPDF is a popular library used by many theme and plugin developers to handle or create PDFs. An older version of this library has a known security vulnerability, and was detected being used. Update the plugin or theme using it, or contact the author.
The technical details
Threat found in the file:
plugins/wplms-attendance/tcpdf/include/tcpdf_static.php
There is no member layout on your site, which simply means it will not load the “members area” from where we can manage the courses
Hence, I cannot check the CSS issue of calendar, because I can’t even access the page
Added the trello card here: https://trello.com/c/9GW1D8XS/2763-issue-tcpdf-library-issue-in-wplms-attendance-addon
And found this article: https://www.zdnet.com/article/severe-security-bug-found-in-popular-php-library-for-creating-pdf-files/
We need to update the TCPDF library to resolve this
The topic ‘Detected the problem’ is closed to new replies.