New Security Vulnerability | ww.wp.xz.cn

Resolved Sabina
(@pessimisticoptimist)

1 year, 1 month ago

Hello! I’m wondering if this plugin is still being supported?

Wordfence is reporting a new vulnerability, details here: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/sliderspack-all-in-one-image-sliders/slider-a-sliderspack-23-authenticated-contributor-local-file-inclusion

Thank you!

Viewing 4 replies - 1 through 4 (of 4 total)

Ketan Patel
(@patelketan)

1 year, 1 month ago

Hello,

Sorry for the late reply…

You are send link is not any information for our plugin issue properly so please send proper Security report… we can check and solve properly…

Thanks.

Thread Starter Sabina
(@pessimisticoptimist)

1 year, 1 month ago

Hi,

I’m not the person who discovered the vulnerability so I can’t give you details other than what’s listed on the Wordfence page, that this plugin is vulnerable to Local File Inclusion. That page I linked to does include a reference link to Patchstack, perhaps that page has the information you need? Or the CVE report link?

Thanks.

Ketan Patel
(@patelketan)

1 year, 1 month ago

Hello @Sabina,

Thanks for sharing details…

We have Fixed local file inclusion vulnerability issue. and release plugin version 2.4…

Thanks,

Thread Starter Sabina
(@pessimisticoptimist)

1 year, 1 month ago

Wonderful, thanks very much!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘New Security Vulnerability’ is closed to new replies.

6 replies
2 participants
Last reply from: Sabina
Last activity: 1 year, 1 month ago
Status: resolved