v5.1 Security Issue

Hi everyone,

I’m pleased to report that the vulnerabilities have been fixed in version 5.1.1! ??

Thanks to @cageehv, @jchristopher, the Plugins team, and Patchstack for helping us get this all sorted out. We’ve notified Patchstack and Wordfence, and expect their websites to be updated shortly.

More exciting news coming soon… but in the meantime, please go ahead and update and you’ll be good to go! ??

Cheers!

Andrew

Great! Thanks for working it out together. I’m glad I can use it again without warning ??

Cheers,
Jorim

Hey everyone! Just a quick follow-up on this: We’ve published a blog post that explains a bit more about what’s going on (tl;dr: We adopted the plugin from Rolf). ??

We’re really excited to dig in and make ODADR even better! (Without messing up the things that already make it great, of course.)

https://www.nerdpress.net/announcing-optimize-database/

Heads up – Wordfence has flagged the plugin again
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/rvg-optimize-database/optimize-database-after-deleting-revisions-51-cross-site-request-forgery-via-odb-start-manually

Thanks @giggles420 .

We just released version 5.2 which we expect will fully resolve this…and we’ve let Wordfence know.