Title: Another Security Vulnerability Last modified: December 5, 2023 --- # Another Security Vulnerability * Resolved [dougie24](https://wordpress.org/support/users/dougie24/) * (@dougie24) * [2 years, 6 months ago](https://wordpress.org/support/topic/another-security-vulnerability/) * Solid Security Pro is flagging this vulnerability in both old and new version 5.0.6: * Broken Access Control Vulnerability. * Can anything be done to fix this? * Thanks * D Viewing 5 replies - 1 through 5 (of 5 total) * Plugin Author [David Vongries](https://wordpress.org/support/users/davidvongries/) * (@davidvongries) * [2 years, 6 months ago](https://wordpress.org/support/topic/another-security-vulnerability/#post-17252915) * what’s the flag about? Can you share details please? * Thank you! 🙂 * Thread Starter [dougie24](https://wordpress.org/support/users/dougie24/) * (@dougie24) * [2 years, 6 months ago](https://wordpress.org/support/topic/another-security-vulnerability/#post-17253695) * Here’s what SolidWP is reporting even after upgrade to v5.0.6: * DetailsBroken Access Control vulnerability discovered by Abdi Pranata (Patchstack Alliance) in WordPress Plugin Welcome Email Editor (versions <= 5.0.5) * Vulnerable versions<= 5.0.5 * CVE: [](https://www.cve.org/CVERecord?id=CVE-2023-47756)[CVE-2023-47756](https://www.cve.org/CVERecord?id=CVE-2023-47756) [](https://www.cve.org/CVERecord?id=CVE-2023-47756) * Classification: Broken Access Control * Publicly disclosed: November 13, 2023 * [https://patchstack.com/database/vulnerability/welcome-email-editor/wordpress-welcome-email-editor-plugin-5-0-5-broken-access-control-vulnerability?_a_id=431](https://patchstack.com/database/vulnerability/welcome-email-editor/wordpress-welcome-email-editor-plugin-5-0-5-broken-access-control-vulnerability?_a_id=431) * Thread Starter [dougie24](https://wordpress.org/support/users/dougie24/) * (@dougie24) * [2 years, 6 months ago](https://wordpress.org/support/topic/another-security-vulnerability/#post-17258871) * Hi David * Any update on this issue or should I delete the plugin, because I’m still receiving vulnerability warnings from Solid Security Pro? * Thanks. * Thread Starter [dougie24](https://wordpress.org/support/users/dougie24/) * (@dougie24) * [2 years, 6 months ago](https://wordpress.org/support/topic/another-security-vulnerability/#post-17269886) * Guess it’s time to delete this plugin as no action appears to have been taken. * Plugin Author [David Vongries](https://wordpress.org/support/users/davidvongries/) * (@davidvongries) * [2 years, 6 months ago](https://wordpress.org/support/topic/another-security-vulnerability/#post-17270544) * We’ve fixed the vulnerability yesterday and are going to push the update later today 🙂 Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Another Security Vulnerability’ is closed to new replies. * ![](https://ps.w.org/welcome-email-editor/assets/icon-256x256.png?rev=3015931) * [Swift SMTP (formerly Welcome Email Editor)](https://wordpress.org/plugins/welcome-email-editor/) * [Frequently Asked Questions](https://wordpress.org/plugins/welcome-email-editor/#faq) * [Support Threads](https://wordpress.org/support/plugin/welcome-email-editor/) * [Active Topics](https://wordpress.org/support/plugin/welcome-email-editor/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/welcome-email-editor/unresolved/) * [Reviews](https://wordpress.org/support/plugin/welcome-email-editor/reviews/) * 8 replies * 2 participants * Last reply from: [David Vongries](https://wordpress.org/support/users/davidvongries/) * Last activity: [2 years, 6 months ago](https://wordpress.org/support/topic/another-security-vulnerability/#post-17270544) * Status: resolved