Cross Site Scripting vulnerability in plugin

  • Resolved EvD

    (@elkevandrunen)


    1 year, 1 month ago

    Dear sir/madam,

    According to Patchstack.com your Woo Labels plugin has a cross site scripting vulnerability.

    Is that correct? If yes, when will there be an update available?

    Best, E

Viewing 4 replies - 1 through 4 (of 4 total)
  • megapublicidad

    (@megapublicidad)

    1 year, 1 month ago

    Hi,
    According to Wordfence, the plugin is vulnerable to stored cross-site scripting (CSS). Is there an update planned to address this issue?
    Is that correct? If yes, when will there be an update available?

    Thank you, I look forward to a response.

    Plugin Author ILLID

    (@mihail-barinov)

    1 year, 1 month ago

    Hi,

    Before this I didn’t receive any email from Patchstack.com about this issue.

    From their report I see that it indeed has some vulnerability that was reported a few days ago.

    It has low priority status and  low severity impact, but I’m still planning to release a new plugin version next week with a fix for this.

    Regards

    Plugin Author ILLID

    (@mihail-barinov)

    1 year, 1 month ago

    Good news – I just released a new plugin version with a fix for this.

    Thread Starter EvD

    (@elkevandrunen)

    1 year, 1 month ago

    Excellent, thank you.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Cross Site Scripting vulnerability in plugin’ is closed to new replies.