Critical security errors reported with Solid Security Pro | WordPress.org

DesignByKiltz
(@dbkiltz)

4 months, 4 weeks ago
Solid Security Pro is reporting these 2 issues – when will you have an update that fixes them?
- Remote Code Execution (RCE)
- Cross Site Scripting (XSS)

Viewing 7 replies - 1 through 7 (of 7 total)

defensiefotografie
(@defensiefotografie)

4 months, 4 weeks ago

Wordfence also finds this security issue
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-last-modified-info/wp-last-modified-info-192-authenticated-contributor-stored-cross-site-scripting

skymouse
(@skymouse)

4 months, 3 weeks ago

Does version 1.9.3 fix the Stored XSS issue affecting ≤ 1.9.0?

LightCatcher
(@pdesopo)

4 months, 2 weeks ago

Jetpack warning:

Vulnerable plugin: WP Last Modified Info (version 1.9.3)

zepolo
(@zepolo)

4 months, 2 weeks ago

Vulnerability Severity: 6.4/10.0 (Medium).

It appears that the security vulnerability has not yet been fixed.

I hope the plugin author reads these messages

nonobio
(@nonobio)

4 months, 2 weeks ago

I also got the security notification in my Wordfence

anastas10s
(@anastas10s)

4 months, 2 weeks ago

Howdy folks! Feel free to check here, for an update:

https://wpscan.com/plugin/wp-last-modified-info/

The XSS vulnerability was fixed, when version 1.9.3 was released. I hope this helps!
paulherzlich
(@paulherzlich)

4 months, 2 weeks ago
Wordfence is still flagging this as a serious security issue as of 6 hours ago, even in 1.9.4
- This reply was modified 4 months, 2 weeks ago by paulherzlich.

Viewing 7 replies - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.

Tags

security issue

11 replies
8 participants
Last reply from: paulherzlich
Last activity: 4 months, 2 weeks ago
Status: not resolved