Fake vulnerability alert warning

  • Plugin Author Namith Jawahar

    (@namithjawahar)


    6 years, 6 months ago

    A non existent vulnerability alert is doing rounds on the internet about Wp-Insert. Rest assured this was an issue that was fixed more than 2 years ago. The file paths mentioned in the report actually doesn’t even exist in the plugin. Be it malicious intent by some paid plugins or a honest mistake by a security expert please be assured that such a vulnerability does not exist in Wp-insert.
    PS : The plugin doesn’t even use the WYSIWYG FCK Editor blamed for causing the vulnerability in the report.

Viewing 1 replies (of 1 total)
  • Plugin Author Namith Jawahar

    (@namithjawahar)

    The said vulnerability was reported to me on September 26th by the author and I immediately reverted back informing him that its a false report and a file by such name or even such a path does not exist in the plugin and the author had acknowledged my reply. Still the author went ahead and published the report on September 27th.
    I sincerely hope this was an honest mistake and corrective action would be taken by the author.

Viewing 1 replies (of 1 total)
  • The topic ‘Fake vulnerability alert warning’ is closed to new replies.