Site Vulnerability

  • Resolved BayneM

    (@baynem)


    1 year, 1 month ago

    WP Toolkit is providing this warning about the current version of this plugin – WordPress Draw Attention plugin <= 2.0.15 – Broken Access Control vulnerability

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author croixhaug

    (@croixhaug)

    Thanks @baynem we’ve worked with the security team and released v2.0.15 which mitigates the security vulnerability (which only affects contributor-level users who could theoretically be tricked into clicking a link that imports Draw Attention images)

    This is mostly resolved but we’re following up on one more best practice which will be released in v2.0.16 next week.

    Thanks again for getting in touch,
    Nathan

    Plugin Support Cyn

    (@cyn92)

    Hello @baynem, we have just released Draw Attention 2.0.16 this week. Were you able to update to the latest version?

    Thread Starter BayneM

    (@baynem)

    Yes, thank you!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Site Vulnerability’ is closed to new replies.