Site vulnerabilities found

  • Resolved mrmind

    (@mrmind)


    1 year, 10 months ago

    hello,

    I have received the following message from my hosting server.

    WP Toolkit has detected new vulnerabilities on WordPress sites under your care. It is strongly recommended to update or disable vulnerable assets on these sites. You can also configure WP Toolkit to perform automatic actions when vulnerabilities are detected.

    WordPress GiveWP Plugin <= 2.23.2 – Unauthenticated SQL Injection Vulnerability

    Im using the latest GiveWP plugin.

    Kindly check and advise. This messages were received on 2 of my GiveWp installation. All uptodate

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @mrmind,
    Glad you reached out about this! Our team discovered this vulnerability and released version 2.24.0 yesterday to address that issue. There are no reports of this vulnerability being exploited, and updating your site today should resolve the issue.?I’ll go ahead and mark this as resolved for now, but if you still have questions you can create a new ticket right here and we’ll be happy to give things a look. Have a great day!

    Plugin Contributor Ben Meredith

    (@benmeredithgmailcom)

    Hi there!

    Yes, we released a patch yesterday for that vulnerability, and wrote more about that here: https://givewp.com/core-2-24-0-vulnerability-patched

    Update to 2.24.0, and you should be all set!

    There’s no indication that this vulnerability is being exploited in the wild, so updating to 2.24.0 should resolve things.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Site vulnerabilities found’ is closed to new replies.