Plugin Vulnerability Reported by WP Engine: Is this patched?

  • Resolved Sapient Creative Services

    (@sapientcreative)


    1 year, 4 months ago

    Hello, we just received notice from WP Engine (our hosting service being used for various sites) that there is a vulnerability in this plugin. The below is the core message of the notification. Has this been patched? Please let us know. Thank you so much!

    ==== FROM WP ENGINE =====

    At this time, we are not seeing that the plugin author has released an update or patch for this vulnerability.?

    WP Engine summary of the vulnerability: Data from an attacker could be interpreted as code by site visitors’ web browsers. The ability to run code in another site visitors’ browser can be abused to steal information, or modify site configuration. 

    Original 3rd-party’s report on the vulnerability: Please note that questions related to this article should be directed to the 3rd-party researcher and not WP Engine:??
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33999
    https://wpscan.com/vulnerability/9f01090f-df5b-4d9e-bc4d-fac9150fdfe6

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Plugin Vulnerability Reported by WP Engine: Is this patched?’ is closed to new replies.