Security issue

  • Resolved nickmerk

    (@nickmerk)


    7 months, 3 weeks ago

    Please advise on this security issue we received from our host.

    At WP Engine we take the security of your sites very seriously, and make every effort to keep our customers aware of any potential security risks. We are reaching out to you today because we identified resources that may be utilizing a vulnerable version of the wp-table-builder plugin.

    The vrnevada on dpvideo is running version 1.5.0.
    The everysmile on dpvideo is running version 1.4.15.

    WP Engine summary of the vulnerability: Data from an attacker could be interpreted as code by site visitors’ web browsers. The ability to run code in another site visitors’ browser can be abused to steal information, or modify site configuration.

    This vulnerability’s information has been verified by WPScan. Please note that questions related to this notification should be directed to WPScan, the plugin Author or the 3rd-party researcher for the most accurate information.

    Resources providing further information on this vulnerability:

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3282
    https://research.cleantalk.org/cve-2024-3282/
    https://wpscan.com/vulnerability/12bf5e8e-24c9-48b9-b94c-c14ed60d7c15

    There does not appear to be a fix for this update at this moment and we recommend updating when one becomes available.

Viewing 6 replies - 1 through 6 (of 6 total)
Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Security issue’ is closed to new replies.