Title: Plugin Vulnerability – Are you going to create a patch? Last modified: July 26, 2023 --- # Plugin Vulnerability – Are you going to create a patch? * Resolved [charissakv](https://wordpress.org/support/users/charissakv/) * (@charissakv) * [2 years, 10 months ago](https://wordpress.org/support/topic/plugin-vulnerability-are-you-going-to-create-a-patch/) * Please let me know when you’re going to release a patch for this. I just received the following email from WPEngine: * At WP Engine we take the security of your sites very seriously, and make every effort to keep our customers aware of any potential security risks. We are reaching out to you today because we identified your site(s), kairosvc, is (are) utilizing a vulnerable version of the Pods – Custom Content Types and Fields plugin. * At this time, we are not seeing that the plugin author has released an update or patch for this vulnerability. * WP Engine summary of the vulnerability: Data from an attacker could be interpreted as code by site visitors’ web browsers. The ability to run code in another site visitors’ browser can be abused to steal information, or modify site configuration. * Original 3rd-party’s report on the vulnerability: Please note that questions related to this article should be directed to the 3rd-party researcher and not WP Engine: * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33999](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33999) * [https://wpscan.com/vulnerability/9f01090f-df5b-4d9e-bc4d-fac9150fdfe6](https://wpscan.com/vulnerability/9f01090f-df5b-4d9e-bc4d-fac9150fdfe6) * We encourage you to assess the risk of continuing to use this plugin until a patch is released. * Thank you very much. Viewing 1 replies (of 1 total) * Plugin Author [Scott Kingsley Clark](https://wordpress.org/support/users/sc0ttkclark/) * (@sc0ttkclark) * [2 years, 10 months ago](https://wordpress.org/support/topic/plugin-vulnerability-are-you-going-to-create-a-patch/#post-16924863) * Pods is not impacted by this, more details here in this other thread: * [https://wordpress.org/support/topic/notified-of-potential-vulnerability/](https://wordpress.org/support/topic/notified-of-potential-vulnerability/) Viewing 1 replies (of 1 total) The topic ‘Plugin Vulnerability – Are you going to create a patch?’ is closed to new replies. * ![](https://ps.w.org/pods/assets/icon.svg?rev=3286397) * [Pods - Custom Content Types and Fields](https://wordpress.org/plugins/pods/) * [Frequently Asked Questions](https://wordpress.org/plugins/pods/#faq) * [Support Threads](https://wordpress.org/support/plugin/pods/) * [Active Topics](https://wordpress.org/support/plugin/pods/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/pods/unresolved/) * [Reviews](https://wordpress.org/support/plugin/pods/reviews/) * 2 replies * 2 participants * Last reply from: [Scott Kingsley Clark](https://wordpress.org/support/users/sc0ttkclark/) * Last activity: [2 years, 10 months ago](https://wordpress.org/support/topic/plugin-vulnerability-are-you-going-to-create-a-patch/#post-16924863) * Status: resolved