Critical XSS vulnerability now fixed in 11.8

  • ResolvedPlugin Author wipeoutmedia

    (@wipeoutmedia)


    11 months ago

    We have just released a critical update for CJT and CJT PLUS addressing an XSS vulnerability, which was detected by Wordfence and a number of other security plugins.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Yeah using your 11.8 but your plugin still reports 11.7 so getting reports of problems all the time in my inbox mate !

    Plugin Author wipeoutmedia

    (@wipeoutmedia)

    Thanks for your reply. Yes, we have recently discovered that the exploit?is coming from the shortcode instead, and is something we didn’t consider before. We will patch this up as soon as possible and also submit the fix to Patchstack.

    Plugin Author wipeoutmedia

    (@wipeoutmedia)

    We have just released CJT version 11.9 that fixes the XSS vulnerability in shortcodes and code blocks. Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Critical XSS vulnerability now fixed in 11.8’ is closed to new replies.