version disclosure vulnerability

  • Resolved prachi2patel

    (@prachi2patel)


    8 months, 3 weeks ago

    Our scanner has found Version Disclosure (DataTables) vulnerability – /tablepress/js/jquery.datatables.min.js?ver=3.1.3

    is there a way that this can be resolved?

Viewing 1 replies (of 1 total)
  • Plugin Author Tobias Bäthge

    (@tobiasbg)

    8 months, 3 weeks ago

    Hi @prachi2patel,

    Thanks for your message. Can you clarify what you mean? That “3.1.3” in that URL? This is the standard way for WordPress to do “cache busting”. The plugin’s version number is appended to the URL, to ensure that the latest version is loaded.

    This is not a security issue, as version information are public (and the version can be found in many other ways anyways).

    Or am I misunderstanding something?

    (However, please note: Version 3.1.3 of TablePress does have a security issue, unrelated to this version number in that URL, so that I recommend updating to TablePress 3.2.1.)

    Best wishes,
    Tobias

Viewing 1 replies (of 1 total)

The topic ‘version disclosure vulnerability’ is closed to new replies.