Title: Find vulnerability for diff plugin Last modified: August 15, 2022 --- # Find vulnerability for diff plugin * Resolved [Richer Yang](https://wordpress.org/support/users/fantasyworld/) * (@fantasyworld) * [3 years, 9 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/) * My site is install plugin [Post SMTP Mailer](https://tw.wordpress.org/plugins/post-smtp/).( slug post-smtp ) * Jetpack Protect say that plugin has a XSS vulnerability. and give the detail info [https://wpscan.com/vulnerability/697f4979-a702-457c-a0b4-4a210db42d73](https://wpscan.com/vulnerability/697f4979-a702-457c-a0b4-4a210db42d73). * BUT that detail info is for plugin [postman-smtp](https://wordpress.org/plugins/postman-smtp/)( slug postman-smtp ), it’s diff with my installed plugin. Viewing 8 replies - 1 through 8 (of 8 total) * [Mohamed Mehdi Benchalal](https://wordpress.org/support/users/muffinpeace/) * (@muffinpeace) * [3 years, 9 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15917725) * Hi [@fantasyworld](https://wordpress.org/support/users/fantasyworld/) * The Post SMTP Mailer plugin is a fork of the original Postman SMTP plugin after it was removed from the WordPress.org repository, you can find more information below: * [https://www.cloudways.com/blog/post-smtp-mailer-fork-of-wordpress-postman-smtp-plugin/#step1](https://www.cloudways.com/blog/post-smtp-mailer-fork-of-wordpress-postman-smtp-plugin/#step1) * If you are running the latest version and that persists, please [reach out to us here](https://href.li/?https://jetpack.com/contact-support/?rel=support&hpi=1). * Thread Starter [Richer Yang](https://wordpress.org/support/users/fantasyworld/) * (@fantasyworld) * [3 years, 9 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15917780) * Yes. I use the latest version of NEW fork plugin “Post SMTP Mailer” ( slug is post-smtp ) * But Jetpack Protect say my site has 1 vulnerabilities found. The details info show that is the old original plugin ( slug postman-smtp ) vulnerability. * [lastsplash (a11n)](https://wordpress.org/support/users/lastsplash/) * (@lastsplash) * [3 years, 9 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15921722) * Hi [@fantasyworld](https://wordpress.org/support/users/fantasyworld/) – * I downloaded the latest version of the “Post SMTP Mailer” plugin [from WordPress.org](https://wordpress.org/plugins/post-smtp/). When I installed the plugin, Jetpack did not detect any threats. * Could you please post your site URL here so that we can have a look? * If you want it to remain private, you can also contact us [via this contact form](https://jetpack.com/contact-support/?rel=support&hpi=1). If you choose to reach out directly, please include a link to this thread. * Thanks! * Thread Starter [Richer Yang](https://wordpress.org/support/users/fantasyworld/) * (@fantasyworld) * [3 years, 9 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15922385) * My site is [https://richer.tw](https://richer.tw) * i am use postman-smtp first. Then remove it when XSS issuu found time. And change to the new “Post SMTP Mailer” * [lastsplash (a11n)](https://wordpress.org/support/users/lastsplash/) * (@lastsplash) * [3 years, 9 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15928696) * Thanks for the additional information. * I’ve escalated this to our development team and we’ll have an answer for you as soon as we hear back from them. * [lastsplash (a11n)](https://wordpress.org/support/users/lastsplash/) * (@lastsplash) * [3 years, 9 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15963057) * Hi [@fantasyworld](https://wordpress.org/support/users/fantasyworld/) – * Sorry for the delay here, but a fix has been deployed for this behavior. The plugin should no longer be misidentified. * Let us know if you continue to have issues. * Thread Starter [Richer Yang](https://wordpress.org/support/users/fantasyworld/) * (@fantasyworld) * [3 years, 8 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15973335) * Hi [@lastsplash](https://wordpress.org/support/users/lastsplash/) * The issue ” vulnerability for diff plugin ” is fixed with my site. * [lastsplash (a11n)](https://wordpress.org/support/users/lastsplash/) * (@lastsplash) * [3 years, 8 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15984466) * Hi [@fantasyworld](https://wordpress.org/support/users/fantasyworld/) – * Thanks for confirming. I am going to mark this thread as resolved now. Viewing 8 replies - 1 through 8 (of 8 total) The topic ‘Find vulnerability for diff plugin’ is closed to new replies. * ![](https://ps.w.org/jetpack-protect/assets/icon-256x256.png?rev=2820708) * [Jetpack Protect](https://wordpress.org/plugins/jetpack-protect/) * [Frequently Asked Questions](https://wordpress.org/plugins/jetpack-protect/#faq) * [Support Threads](https://wordpress.org/support/plugin/jetpack-protect/) * [Active Topics](https://wordpress.org/support/plugin/jetpack-protect/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/jetpack-protect/unresolved/) * [Reviews](https://wordpress.org/support/plugin/jetpack-protect/reviews/) * 10 replies * 3 participants * Last reply from: [lastsplash (a11n)](https://wordpress.org/support/users/lastsplash/) * Last activity: [3 years, 8 months ago](https://wordpress.org/support/topic/find-vulnerability-for-diff-plugin/#post-15984466) * Status: resolved