Title: Great Plugin But Input validation vulnerability version 1.2.5 – Medium Risk Last modified: November 6, 2024 --- # Great Plugin But Input validation vulnerability version 1.2.5 – Medium Risk * [ryan01200](https://wordpress.org/support/users/ryan01200/) * (@ryan01200) * [1 year, 5 months ago](https://wordpress.org/support/topic/great-plugin-but-input-validation-vulnerability-version-1-2-5-medium-risk/) * This plugin is great and I’ve been using it for years although recently the plugin has a security issue that allows hackers to inject harmful code into web pages. This can only happen on certain types of websites, and only if the site has a specific setting disabled. If you have this plugin and use it on your website, make sure to update to version 1.2.6 or higher to avoid this vulnerability. * If you have a good security system in place like cloudfare or real simple security plugin you should be fine but this why you need to make sure your updating your software constantly Viewing 1 replies (of 1 total) * [angelagrey](https://wordpress.org/support/users/angelagrey/) * (@angelagrey) * [1 year, 5 months ago](https://wordpress.org/support/topic/great-plugin-but-input-validation-vulnerability-version-1-2-5-medium-risk/#post-18121927) * Hi, * Thank you for the feedback. I supposed you’re referring to this recent problem: [https://wordpress.org/support/topic/the-cross-site-scripting-xss-vulnerability-in-the-wordpress-email-template/](https://wordpress.org/support/topic/the-cross-site-scripting-xss-vulnerability-in-the-wordpress-email-template/) * We’re still working on it. And we’ll update our plugin soon. * Just to clarify, our plugin works on the back end only, which means the users who access your site must at least have **manage_woocommerce** permission to reach the email setting page. * Best regards. Viewing 1 replies (of 1 total) The topic ‘Great Plugin But Input validation vulnerability version 1.2.5 – Medium Risk’ is closed to new replies. * ![](https://ps.w.org/email-template-customizer-for-woo/assets/icon-256x256.gif? rev=3080872) * [Email Template Customizer for WooCommerce](https://wordpress.org/plugins/email-template-customizer-for-woo/) * [Support Threads](https://wordpress.org/support/plugin/email-template-customizer-for-woo/) * [Active Topics](https://wordpress.org/support/plugin/email-template-customizer-for-woo/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/email-template-customizer-for-woo/unresolved/) * [Reviews](https://wordpress.org/support/plugin/email-template-customizer-for-woo/reviews/) * 2 replies * 2 participants * Last reply from: [angelagrey](https://wordpress.org/support/users/angelagrey/) * Last activity: [1 year, 5 months ago](https://wordpress.org/support/topic/great-plugin-but-input-validation-vulnerability-version-1-2-5-medium-risk/#post-18121927)