no, I haven’t been notified
I am trying to workout what the issue is
Thanks for letting me know
Hi Paul,
WPScan also is reporting this vulnerability: https://wpscan.com/vulnerability/039b05c7-4715-4e30-b221-9fb1b0ca01f5/
Thanks for looking into this issue. We’ve been using this plugin for a long time and really like it… does just what we need.
Denise
Released version 2.1.17, which fixes this
a couple of the the inputs from the code weren’t escaped
I’ve just updated to the new version. Thank you!
still trying to work how to get the alert cleared
