Cross Site Scripting problem

  • Resolved paulnorko

    (@paulnorko)


    4 months ago

    Hello,

    I’ve been using the Library Bookshelves on my library’s website (and several other library’s sites in West Virginia, and we love it. However, within the past few days, apparently a Cross Site Scripting Error was discovered and this plugin is vulnerable to it. I was just wondering on an ETA for getting a new version so that we could continue to use the plugin. Right now, it keeps getting disabled because of the vulnerability. All the information I have on it is below:

    WordPress Library Bookshelves plugin <= 5.8 – Reflected Cross Site Scripting (XSS) vulnerability
    Reflected Cross Site Scripting (XSS) vulnerability discovered by Mika (Patchstack Alliance) in WordPress Plugin Library Bookshelves (versions <= 5.8)

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author photonicgnostic

    (@photonicgnostic)

    I’m glad you’ve enjoyed using the plugin. An update to fix this vulnerability is in progress. I can’t give you an ETA at this point, but I hope to get around to finishing an update soon.

    Plugin Author photonicgnostic

    (@photonicgnostic)

    The XSS vulnerability has been patched in version 5.9.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.