WordPress Complianz premium plugin 6.3.5 Has vulnerability

  • Resolved Gruskel

    (@elevas33)


    2 years, 1 month ago

    My WordPress Toolkit says:
    “WordPress Toolkit has detected known vulnerabilities on WordPress sites under your care. It is strongly recommended to update or disable vulnerable assets on these sites. You can also configure WordPress Toolkit to perform automatic actions when vulnerabilities are detected”:

    WordPress Complianz premium plugin <= 6.3.5 – Auth. SQL Injection (SQLi) vulnerability

    Please Fix it, thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor Aert Hulsebos

    (@aahulsebos)

    Hi @elevas33,

    Thank you. This is fixed in the latest releases of Premium and Free.

    General information:

    This might affect a very small percentage of websites with a specific setting and specific version of Complianz. You will need a combination of other plugins and a specific user role (Authenticated) to leverage the issue.

    This issue was found and communicated before it was made public and patched and released in a couple of days. Afterwards it was sent for publication so security plugins can notify their users as well.

    If you have any other questions, let me know.

    regards Aert

    Thread Starter Gruskel

    (@elevas33)

    Version 6.3.6 solves this problem then? , thank you.

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    Yes, 6.3.6 premium and 6.3.4 free were released last week and contain the fix.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WordPress Complianz premium plugin 6.3.5 Has vulnerability’ is closed to new replies.