Security issue

  • Resolved locker17

    (@locker17)


    1 month, 1 week ago

    You shipping your plugin with Freemius. Recently my scanner alert me that Freemius has a security issue:
    Freemius SDK <= 2.5.9 – Reflected Cross-Site Scripting via fs_request_get

    Can you please update Freemius or check if you have included a fixed version in your plugin.
    Or best, skip Freemius and use something else 🙂

Viewing 1 replies (of 1 total)
  • Plugin Author Ben Roberts

    (@bouncingsprout)

    1 month, 1 week ago

    Hey @locker17,

    That particular version of Freemius was patched right back in 2023! Your scanner may be quite a few years out of date. Never use a scanner in isolation – always cross reference it with the actual version of any theme or plugin you are concerned about. There are strict rules that theme and plugin developers have to go through to have their code hosted on ww.wp.xz.cn, to keep you safe. Generally any active responsible plugin or theme will be patched before the issue even becomes public knowledge.

    Hope that helps!

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.