Vulnerability?

  • Resolved doylegirl

    (@doylegirl)


    3 years, 1 month ago

    I received this message from my host regarding WP Sitemap Page:

    Summary of the vulnerability: Data from an attacker could be interpreted as code by site visitors’ web browsers. The ability to run code in another site visitors’ browser can be abused to steal information, or modify site configuration.

    At this time, we are not seeing that the plugin author has released an update or patch for this vulnerability. WP Engine has attempted to reach out to the plugin author to request the timing of a patch. We will report back to you if/when we receive a timeframe for when the author expects to release one.

    https://wpscan.com/vulnerability/da66d54e-dda8-4aa8-8d27-b8b87100bb21

    Please advise. Your plugin is great.
    Thanks

Viewing 2 replies - 1 through 2 (of 2 total)

  • iThemes Security Pro plugin is throwing warnings, too.

    Vulnerabilities
    WP Sitemap Page <= 1.6.4 – Admin+ Stored Cross Site Scripting

    I can dig out more details in the log(s) if needed.

    Plugin Author Tony Archambeau

    (@funnycat)

    Hello,
    Sorry about the late reply, the vulnerability was fix on a release today. You can update the plugin to get this fix.
    Thank you for your message, have a wonderfull day.
    Sincerely,
    Tony

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Vulnerability?’ is closed to new replies.