Title: Incorrect vulnerability report Last modified: February 23, 2026 --- # Incorrect vulnerability report * Resolved [Gal Baras](https://wordpress.org/support/users/galbaras/) * (@galbaras) * [3 months, 2 weeks ago](https://wordpress.org/support/topic/incorrect-vulnerability-report/) * Solid Security is showing alerts for `WordPress Contact Form 7 Dynamic Text Extension plugin <= 5.0.5 - Content Injection vulnerability`, but when clicked, the vulnerability pages is titled `WordPress Contact Form 7 Dynamic Text Extension plugin <= 5.0.3- Content Injection vulnerability` and the Patchstack link shows a search form. Furthermore, searching for the plugin’s name on that search page brings up nothing. * Juts to be clear, the plugin version on the site is 5.0.5 since 2026-02-18. * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fincorrect-vulnerability-report%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 5 replies - 1 through 5 (of 5 total) * Plugin Support [chandelierrr](https://wordpress.org/support/users/shanedelierrr/) * (@shanedelierrr) * [3 months, 2 weeks ago](https://wordpress.org/support/topic/incorrect-vulnerability-report/#post-18830646) * Hello [@galbaras](https://wordpress.org/support/users/galbaras/), * Thanks for reaching out! * I tried installing the same plugin on my test site, however, I’m seeing the correct version number on the details screen: [https://share.zight.com/p9uJpwNy](https://share.zight.com/p9uJpwNy), so the version mismatch you’re seeing (title showing 5.0.3) may be due to caching or an older copy of the data on your environment. * I can reproduce the second behavior: clicking the vulnerability details link does send you to the Patchstack search page instead of the specific vulnerability. However, this seems to be happening on the specific report only (see [here](https://www.loom.com/share/df7ff677a6bb45d4b0a01beafabeafb2)). * Searching for this vulnerability on Patchstack database does show the report in the results, but opening that specific report redirects back to the search page. That may be due to that report’s page being edited or updated on Patchstack’s side. * For now, please monitor if the issue persists or occurs on other reports (we’ll also monitor on our side), and we’ll follow up for updates. * Thanks for the flag, and let me know how it goes on your end.  * Thread Starter [Gal Baras](https://wordpress.org/support/users/galbaras/) * (@galbaras) * [3 months, 2 weeks ago](https://wordpress.org/support/topic/incorrect-vulnerability-report/#post-18831490) * Thank you for this. * I can now find the vulnerability report on Patchstack, and clicking it navigates to the correct page. * However, my site is still reporting and linking to the 5.0.3 report (which then redirects to the correct one). * I can’t think how caching might be at play here. The issue has been going on a a while, during which time I updated the site, which clears the (LiteSpeed) cache. It’s more likely related to transients. * Plugin Support [chandelierrr](https://wordpress.org/support/users/shanedelierrr/) * (@shanedelierrr) * [3 months, 2 weeks ago](https://wordpress.org/support/topic/incorrect-vulnerability-report/#post-18833472) * Hi [@galbaras](https://wordpress.org/support/users/galbaras/), * I see. In that case, can you try following the transient-clearing steps here: [https://solidwp.com/documentation/general-wp/learn-more/clearing-caches-and-transients-in-wordpress/#h-5-clear-wordpress-transients](https://solidwp.com/documentation/general-wp/learn-more/clearing-caches-and-transients-in-wordpress/#h-5-clear-wordpress-transients) * Note that if you can temporarily use a transients manager plugin, there should be a listed transient for site scan that you can manually clear there. * Let me know how it goes. * Thread Starter [Gal Baras](https://wordpress.org/support/users/galbaras/) * (@galbaras) * [3 months, 2 weeks ago](https://wordpress.org/support/topic/incorrect-vulnerability-report/#post-18834177) * > Enhancement: Update Patchstack details for existing vulnerabilities * This is in the 9.4.6 changelog. Is it related to this thread? * Thread Starter [Gal Baras](https://wordpress.org/support/users/galbaras/) * (@galbaras) * [3 months, 2 weeks ago](https://wordpress.org/support/topic/incorrect-vulnerability-report/#post-18835419) * After clearing expired transients in WooCommerce Tools and updating to v9.4.6, I ran a scan and it came up with the correct details page, but incorrect and Patchstack link. * Thank you. Viewing 5 replies - 1 through 5 (of 5 total) You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fincorrect-vulnerability-report%2F%3Foutput_format%3Dmd&locale=en_US) to reply to this topic. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) * 9 replies * 2 participants * Last reply from: [Gal Baras](https://wordpress.org/support/users/galbaras/) * Last activity: [3 months, 2 weeks ago](https://wordpress.org/support/topic/incorrect-vulnerability-report/#post-18835419) * Status: resolved