A couple of days ago, we received reports from our partner over at AppCarvers regarding cross site scripting (XSS) attacks against EasySocial which possibly allows a remote attacker to inject unwanted elements on a page to take advantage of the site. Read on to learn more about this update.
As always, it has been our priority to ensure that all our products are safe from any vulnerabilities. The release of EasySocial 2.2.6 is primarily a security release to address these possible XSS attacks. If your site is currently running on any versions prior to EasySocial 2.2.6, kindly update to the latest version immediately.
Should you require any assistance at all, do get in touch with us on our helpdesk and someone from our support team will gladly be an assistance to you.