WP Engine Security: Plugin Vulnerability Notification?

This is all I could find, from 2015: https://wpscan.com/vulnerability/217acd0e-da43-49ca-b255-fa2bf8d11295

Newer report here on this issue
Publicly Published
2021-06-16 (about 1 months ago)
Added
2021-07-27 (about 22 hours ago)
Last Updated
2021-07-27 (about 22 hours ago)

https://wpscan.com/vulnerability/ed9d26be-cc96-4274-a05b-0b7ad9d8cfd9

There’s a current one from June/July 2021 for reflected cross site scripting, though it’s beyond my knowledge what it means:
https://wpscan.com/vulnerability/ed9d26be-cc96-4274-a05b-0b7ad9d8cfd9

Hi,

Thank you for reporting this security breach.

I’m currently on vacation and will investigate it in a week.

@phbernard Much appreciated, hopefully it’s a quick fix.

Thanks for all your work on RealFaviconGenerator! Not having to think about app icons anymore has been so nice ??

Have a good holiday and see you soon.
Disregard my post.
It was BLOGVAULT the surveillance pugin who warned me.

Any word on the fix for this? I have it on 70 client sites…

The issue has been fixed in version 1.3.22.

Thank you all for your reports and patience!

@phbernard Thank you!! ??

Thanks for the patched version! FYI I got the notification from two sources: the ever-vigilant Wordfence team (the company behind the Wordfence plugin) as well as on the Dashboard for WP Remote.