Title: Plugin Vulnerability Notification by WP Engine Last modified: January 10, 2024 --- # Plugin Vulnerability Notification by WP Engine * [dishamodi](https://wordpress.org/support/users/dishamodi/) * (@dishamodi) * [2 years, 5 months ago](https://wordpress.org/support/topic/plugin-vulnerability-notification-by-wp-engine/) * Hello, * Plugin Vulnerability Notification by WP Engine : * please check below links: * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50826](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50826) * [https://patchstack.com/database/vulnerability/menu-image/wordpress-menu-image-icons-made-easy-plugin-3-10-cross-site-scripting-xss-vulnerability](https://patchstack.com/database/vulnerability/menu-image/wordpress-menu-image-icons-made-easy-plugin-3-10-cross-site-scripting-xss-vulnerability) * [https://wpscan.com/vulnerability/469e3568-cb7e-498e-9458-e7952b2ff31f](https://wpscan.com/vulnerability/469e3568-cb7e-498e-9458-e7952b2ff31f) * seems like an issue related to Cross Site Scripting(XSS). * Please provide a plugin update ASAP. Viewing 4 replies - 1 through 4 (of 4 total) * Plugin Author [Rui Guerreiro](https://wordpress.org/support/users/takanakui/) * (@takanakui) * [2 years, 5 months ago](https://wordpress.org/support/topic/plugin-vulnerability-notification-by-wp-engine/#post-17303753) * Hi [@welswebmaster](https://wordpress.org/support/users/welswebmaster/) and [@dishamodi](https://wordpress.org/support/users/dishamodi/) * I just got the details of the vulnerability and will provide a fix in the next 24hours. * Plugin Author [Rui Guerreiro](https://wordpress.org/support/users/takanakui/) * (@takanakui) * [2 years, 5 months ago](https://wordpress.org/support/topic/plugin-vulnerability-notification-by-wp-engine/#post-17304388) * Hi [@welswebmaster](https://wordpress.org/support/users/welswebmaster/) and [@dishamodi](https://wordpress.org/support/users/dishamodi/) * I just released the version 3.11 that fixes this issue. give it a try. * I submmited the changes to Patchstack so it will be necessary to wait for their review so that the status can change to patched. * Thread Starter [dishamodi](https://wordpress.org/support/users/dishamodi/) * (@dishamodi) * [2 years, 5 months ago](https://wordpress.org/support/topic/plugin-vulnerability-notification-by-wp-engine/#post-17305504) * Hi [Rui Guerreiro](https://wordpress.org/support/users/takanakui/), * Sorry to say but the issue is not fixed yet. * Please check the screenshot: [https://gyazo.com/733d77416dbb9d12415f8224717d7f6c](https://gyazo.com/733d77416dbb9d12415f8224717d7f6c) * Please fix it ASAP. * Plugin Author [Rui Guerreiro](https://wordpress.org/support/users/takanakui/) * (@takanakui) * [2 years, 5 months ago](https://wordpress.org/support/topic/plugin-vulnerability-notification-by-wp-engine/#post-17305584) * Hi [@dishamodi](https://wordpress.org/support/users/dishamodi/) * It takes time for the situation change, I sent the code to Patchstack and they will have a look and update their database. * Only after that the other plugins like Wordfence should check again the vulnerability database. Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Plugin Vulnerability Notification by WP Engine’ is closed to new replies. * ![](https://ps.w.org/menu-image/assets/icon-128x128.png?rev=2123398) * [Menu Image, Icons made easy](https://wordpress.org/plugins/menu-image/) * [Frequently Asked Questions](https://wordpress.org/plugins/menu-image/#faq) * [Support Threads](https://wordpress.org/support/plugin/menu-image/) * [Active Topics](https://wordpress.org/support/plugin/menu-image/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/menu-image/unresolved/) * [Reviews](https://wordpress.org/support/plugin/menu-image/reviews/) * 7 replies * 4 participants * Last reply from: [Rui Guerreiro](https://wordpress.org/support/users/takanakui/) * Last activity: [2 years, 5 months ago](https://wordpress.org/support/topic/plugin-vulnerability-notification-by-wp-engine/#post-17305584) * Status: not resolved