Security Vulnerabilities

  • Resolved alicejanerock

    (@alicejanerock)


    2 weeks ago

    Hello, we are having several security vulnerabilities raised against the Visualizer plugin. All state the following :

    Info:?All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.

    We have two instances of this in the following filepaths :

    /agent/_work/2/s/wp-content/plugins/visualizer/classes/Visualizer/Gutenberg/build/block.js
    /agent/_work/2/s/wp-content/plugins/visualizer/js/lib/datatables.min.js

    Please could you tell me whether these are genuine vulnerabilities or false positives. If they are genuine, please could you tell me when they will be fixed. If they are false positives, please could you explain why.

    We are using version 3.1.16

    Thanks!

    Alice

Viewing 1 replies (of 1 total)
  • Plugin Support Kush

    (@kushnamdev)

    Hey @alicejanerock ,

    Thank you for reporting this.

    We have fixed these vulnerabilities in the update V3.11.7. We recommend you to kindly update the plugin.

    Best regards

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.