WordPress Rate my Post – Contributor Stored XSS vulnerability

Hi there,

The vulnerability was fixed in version 3.3.9 as stated in the changelog. WPScan team confirmed the fix today. What plugin is reporting the vulnerability?

Regards,
Blaz

WP Toolkit has detected new vulnerabilities on WordPress sites under your care. It is strongly recommended to update or disable vulnerable assets on these sites. You can also configure WP Toolkit to perform automatic actions when vulnerabilities are detected.

Hi,

Do you have WP Toolkit contact info? I haven’t been informed about new vulnerabilities and I also can’t find any information about this in major vulnerability databases that track WP plugins (Patchstack, Wordfence etc.).

Regards,
Blaz

As seen here (https://wpscan.com/vulnerability/1c4f379d-252a-487b-81c9-bf711ab71dff) this has been fixed in version 3.3.9.

Regards,
Blaz

I don’t understand anything about it. The control panel informed me that there is a vulnerability in the plugin. I reported it on the forum. If you need more information about the WP Toolkit, then you can find it here https://cpanel.net/wp-toolkit/

AccuWeb Hosting is hosting provided for me CPanel and WP Toolkit. If you need more information, I think you can ask these guys.

• This reply was modified 2 years, 2 months ago by advertino.