Google Lighthouse sees jquery 1.12.4 as vulnerable

  • hi, I was checking my site with a lighthouse and I have seen this issue.
    Some third-party scripts may contain known security vulnerabilities that are easily identified and exploited by attackers
    Library version jquery1.12.4, 4 vulnerability count, having medium severity.
    please let me know is this a serious issue?
    how can I solve this?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator Yui

    (@fierevere)

    永子

    WordPress using patched version. You can ignore those warnings given.

    Make sure you are using latest WordPress version in branch

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    For what it’s worth, WP is on a path to the more modern version of jQuery, but it will take about a year to get there.

    Thread Starter farihaz

    (@farihaz)

    @fierevere i am using updated version 5.5 of WordPress.

    Thread Starter farihaz

    (@farihaz)

    @sterndata so should i ignore this issue ?

    Moderator Yui

    (@fierevere)

    永子

    Yes, you can ignore this issue.
    WordPress’s jQuery is safe.

    Lighthouse/other scanners may complain, because jQuery upstream ceased any further support and security patches for this version. It should be upgraded. Because WordPress aims at perfect backward compatibility whenever possible, migration happens slowly, jQuery itself will be updated in WP 5.6 (most likely),
    but until this, all supported branched (this include WP 3.7.x and up to 5.5.x) are using jQuery patched by WordPress developers, not by upstream.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Google Lighthouse sees jquery 1.12.4 as vulnerable’ is closed to new replies.