Wordfence tagged everyone using this plugin and said to deactivate and delete ASAP yesterday – can we get an update?
iThemes Security reports 4.7.2 as vulnerable to CSRF as well.
As per the vulnerability report, this issue seems to be fixed for version 4.7.2 onwards. If you’re using 4.7.1 or lower, please update to 4.7.2 soonest to avoid your site being vulnerable to the CSS issue.
Also after updating, wordfence still flag it as a vulnerability issue. When will it get fixed?
4.7.2 is being reported as vulnerable too.
Hi @tomcobbley ,@wzshop ,@stoelwinder ,@anotherdave ,@bcolflesh
Sorry for the inconvenience.
Yes, We are looking into this & will get back to you soon with a solution.
Regards,
Moksha.
Hi @tomcobbley, @wzshop , @stoelwinder, @anotherdave, @bcolflesh
I apologize for the inconvenience you have faced due to an issue with our plugin. We have released v4.7.3 which has the patch for the Cross-Site Request Forgery vulnerability issue. Kindly update the plugin and let us know if that resolved the issue for you or not.
Regards,Moksha.
@mokshasharmila13 After updating to 4.7.3 the iThemes Security scan reports back clean, all good. Thank you for the update!
Hi @anotherdave
Good to know that your problem is resolved.
It would be great if you can give a review for the plugin & the support on https://wordpress.org/support/plugin/woocommerce-delivery-notes/reviews/#new-post. That would be very helpful.
Regards,Moksha.
I couldn’t review the plugin since I don’t use it (a client of mine does) but I rated your support 🙂
4.7.3 definitely resolved the issue.
