Security vulnerability with new version?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author David Anderson / Team Updraft

    (@davidanderson)

    Hi,

    Whatever tool is giving you that alert would appear to be malfunctioning; the version number 1.23.3 is not within the range 2.22.14 – 2.23.2.

    For UpdraftPlus, versions beginning 2. are UpdraftPlus Premium so that notice is not relevant to your install. You should report this to the supplier of your tool so that they can correct their version parsing.

    David

    Thread Starter dlmweb

    (@dlmweb)

    Thanks David,

    In pressing ManageWP on the issue, they confirm:

    The Updraft plugin vulnerability warning is a false-positive warning that can be safely ignored. It appears that PatchStack, our 3rd party vulnerability database, hasn’t received the proper update. However, our developers are aware of the issue and they are actively working on resolving it. I am unable to promise an ETA since I am not aware of their workflow, I hope you understand. Hopefully, the issue will be resolved in the next 48 hours at most. I apologize for the inconvenience.

    https://patchstack.com/database/vulnerability/updraftplus/wordpress-updraftplus-pro-plugin-2-22-14-2-23-2-broken-access-control-vulnerability?_a_id=350

    Thread Starter dlmweb

    (@dlmweb)

    Did you read??

    The Updraft plugin vulnerability warning is a false-positive warning that can be safely ignored. It appears that PatchStack, our 3rd party vulnerability database, hasn’t received the proper update.

    Thanks for shedding light on this, WP Toolkit was giving me the following security alert on the free version of Updraft:

    WordPress UpdraftPlus PRO plugin 2.22.14-2.23.2 – Broken Access Control Vulnerability

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Security vulnerability with new version?’ is closed to new replies.