False positive error

  • Hello,

    After a scan, Wordfence found a problem:
    The Plugin “WP Affiliate Platform” has a security vulnerability.

    I contacted the plugin developer (Tips and Tricks Hq) and he said that this warning seems to be a false positive.
    In the Wordfence dashboard, there is no indication of this vulnerability. Only a link “says” to deactivate the plugin and delete it.
    Then, how could i have information about this so called security vulnerability?
    The plugin version is the latest, WordPress version too and php version is 7.4
    The developer himself confirms to me that he has contacted Wordfence about this and is still waiting for a response.
    Thanks a lot for your help.
    Best Regards

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wftiffany

    (@wftiffany)

    Hi @vafflo2005,

    Thanks for reaching out to us.

    Our scan is alerting to the presence of this vulnerability: https://packetstormsecurity.com/files/126424/

    It’s from 2014 and unfortunately, we have no way to determine if the plugin has been patched due to a lack of change-logs and no access to paid plugins, so we default to unpatched.

    We’re currently in touch with the developer and have requested proof of the patch and what version it’s been patched in.

    Thanks!
    Tiffany

    Thread Starter Laurent Orlando – OBC WEB

    (@vafflo2005)

    Hello Tiffany,

    Thanks a lot for your fast reply and yes, the developer told me about that few hours ago.
    Have a great day!
    Laurent

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘False positive error’ is closed to new replies.