Title: Plugin vulnerabilities? Last modified: July 4, 2024 --- # Plugin vulnerabilities? * Resolved [Rafael Fischmann](https://wordpress.org/support/users/rfischmann/) * (@rfischmann) * [1 year, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerabilities-3/) * Hi, * I today received an alert from cPanel which says that Redis Object Cache’s version 2.5.2 would have all kinds of security vulnerabilities: * ```wp-block-code GHSA-24WV-MV5M-XV4HCVE-2021-31294CVE-2023-25155CVE-2021-32628GHSA-35Q2-47Q7-3PC3CVE-2021-32687CVE-2021-32762CVE-2021-32675CVE-2022-24736CVE-2022-3647CVE-2021-3470CVE-2022-35977CVE-2023-28856CVE-2021-32625CVE-2021-41099CVE-2016-8339GHSA-J3CR-J9JX-MF4PCVE-2022-36021GHSA-8FWW-64CX-X8P5CVE-2021-32761CVE-2021-21309CVE-2022-24735 ``` * Is that for real? If so, when should we expect an update? * Thanks a lot in advance. Viewing 5 replies - 1 through 5 (of 5 total) * Plugin Author [Till Krüss](https://wordpress.org/support/users/tillkruess/) * (@tillkruess) * [1 year, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerabilities-3/#post-17881510) * We have not been notified that Redis Object Cache contains any security vulnerabilities. Maybe that’s related to Redis Server itself? Can you post the full message? * Thread Starter [Rafael Fischmann](https://wordpress.org/support/users/rfischmann/) * (@rfischmann) * [1 year, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerabilities-3/#post-17881528) * [@tillkruess](https://wordpress.org/support/users/tillkruess/) I’ve since deleted that cPanel email and haven’t received any new alerts from it, which means it might have been a mistake on their part. Sorry for the unnecessary annoyance. * Thread Starter [Rafael Fischmann](https://wordpress.org/support/users/rfischmann/) * (@rfischmann) * [1 year, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerabilities-3/#post-17882867) * So, coincidentally, I’ve just received a new alert from cPanel and that same list is still there for your plugin. Here you go: [https://app.sparkmailapp.com/web-share/IO1sjj7OrYQXujud_rsXpZVuwbr5IsSGV6QaV0-E](https://app.sparkmailapp.com/web-share/IO1sjj7OrYQXujud_rsXpZVuwbr5IsSGV6QaV0-E) * I have no idea why are they listing all those vulnerabilities for your plugin, nor where does that come from. Maybe you should try to get in touch with their Imunify360 Security Team and sort this out… * Plugin Author [Till Krüss](https://wordpress.org/support/users/tillkruess/) * (@tillkruess) * [1 year, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerabilities-3/#post-17884851) * Yep, these are issues with Redis Server itself. That security tool should be notified that it’s catching this wrong. * Thread Starter [Rafael Fischmann](https://wordpress.org/support/users/rfischmann/) * (@rfischmann) * [1 year, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerabilities-3/#post-17885346) * Thank you, got it. Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘Plugin vulnerabilities?’ is closed to new replies. * ![](https://ps.w.org/redis-cache/assets/icon-256x256.gif?rev=2568513) * [Redis Object Cache](https://wordpress.org/plugins/redis-cache/) * [Support Threads](https://wordpress.org/support/plugin/redis-cache/) * [Active Topics](https://wordpress.org/support/plugin/redis-cache/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/redis-cache/unresolved/) * [Reviews](https://wordpress.org/support/plugin/redis-cache/reviews/) * 6 replies * 2 participants * Last reply from: [Rafael Fischmann](https://wordpress.org/support/users/rfischmann/) * Last activity: [1 year, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerabilities-3/#post-17885346) * Status: resolved