Title: Plugin Security Vulnerability Notice Last modified: November 30, 2022 --- # Plugin Security Vulnerability Notice * Resolved [tsaffeld](https://wordpress.org/support/users/tsaffeld/) * (@tsaffeld) * [3 years, 5 months ago](https://wordpress.org/support/topic/plugin-security-vulnerability-notice/) * Hi We recently received this notice from our hosting provider regarding this plugin ———————————– Your site is utilizing a vulnerable version of the **Menu Item Visibility Control plugin**. * At this time, **we are not seeing that the plugin author has released an update or patch for this vulnerability**. WP Engine has attempted to reach out to the plugin author to request the timing of a patch. We will report back to you if/ when we receive a timeframe for when the author expects to release one. * WP Engine summary of the vulnerability: An attacker could use this vulnerability to modify site configuration, including adding backdoors such as other WordPress administrators. * Original 3rd-party’s report on the vulnerability: Please note that questions related to this article should be directed to the 3rd-party researcher and not WP Engine: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24942](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24942) [https://wpscan.com/vulnerability/eaa28832-74c1-4cd5-9b0f-02338e23b418](https://wpscan.com/vulnerability/eaa28832-74c1-4cd5-9b0f-02338e23b418) * We encourage you to assess the risk of continuing to use this plugin until a patch is released.` * ———————————- * Will you be updating your plugin to address this security risk? - This topic was modified 3 years, 5 months ago by [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/). - This topic was modified 3 years, 5 months ago by [tsaffeld](https://wordpress.org/support/users/tsaffeld/). Viewing 1 replies (of 1 total) * [z3120](https://wordpress.org/support/users/z3120/) * (@z3120) * [3 years, 4 months ago](https://wordpress.org/support/topic/plugin-security-vulnerability-notice/#post-16353233) * Hi, This notice appears to be placed in the incorrect location. It looks like you are looking for **menu-items-visibility-control** – _“This plugin has been closed as of November 28, 2022 and is not available for download. This closure is temporary, pending a full review.”_ [https://wordpress.org/plugins/menu-items-visibility-control/](https://wordpress.org/plugins/menu-items-visibility-control/)“ Menu Item Visibility Control”The proof of concept isn’t either boolean which would be required for custom rules for this plugin.This comment can be removed as when it in the correct location as it would be irrelevant. Viewing 1 replies (of 1 total) The topic ‘Plugin Security Vulnerability Notice’ is closed to new replies. * ![](https://ps.w.org/if-menu/assets/icon-256x256.png?rev=1862232) * [If Menu - Visibility control for Menus](https://wordpress.org/plugins/if-menu/) * [Frequently Asked Questions](https://wordpress.org/plugins/if-menu/#faq) * [Support Threads](https://wordpress.org/support/plugin/if-menu/) * [Active Topics](https://wordpress.org/support/plugin/if-menu/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/if-menu/unresolved/) * [Reviews](https://wordpress.org/support/plugin/if-menu/reviews/) * 1 reply * 2 participants * Last reply from: [z3120](https://wordpress.org/support/users/z3120/) * Last activity: [3 years, 4 months ago](https://wordpress.org/support/topic/plugin-security-vulnerability-notice/#post-16353233) * Status: resolved