iThemes Security says this theme is vulnerable

  • Resolved anotherdave

    (@anotherdave)


    1 year, 9 months ago

    @ciorici – I thought you might want to know that iThemes Security has just started sending alerts stating that Inspiro v1.7.8 contains a XSS vulnerability. I think may be a false-positive, since in some of the details they mention Inspiro Pro premium versions older than 7.2.3 , and obviously Inspiro 1.7.8 is the free / lite version. Perhaps you have a contact at iThemes who could help resolve this?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hello @anotherdave

    We are aware of this issue; indeed, it’s a false positive.

    This was an issue in the Pro version, which was fixed months ago.

    The free version was not affected by this issue, so no update is necessary.

    Feel free to ignore this notification, as @ithemes assigned this vulnerability to the wrong theme.

    We’ve contacted them several times to fix this problem, but they never did it.

    Thread Starter anotherdave

    (@anotherdave)

    @ciorici Thank you so much! I could tell that it was likely a false-positive and a version mixup by security vendors. This appears to have been resolved as of February 11th / version 1.7.9

    Cheers,
    Dave

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘iThemes Security says this theme is vulnerable’ is closed to new replies.