Security Issue: Outdated jQuery in Otter Blocks Plugin

  • Resolved francescogregori

    (@francescogregori)


    8 months, 1 week ago

    Hello,

    My hosting’s security scanner flagged a file in your Otter Blocks plugin.

    It’s an old version of jQuery (1.12.4) with a known XSS vulnerability (CVE-2019-11358).

    File path: /wp-content/plugins/otter-blocks/vendor/tubalmartin/cssmin/gui/third-party/jquery-1.12.4.min.js

    Could you please update this dependency to a more recent, secure version in the next update?

    Thank you.

    Best regards,
    Francesco

Viewing 1 replies (of 1 total)
  • Plugin Support Kush

    (@kushnamdev)

    8 months ago

    Hey @francescogregori,

    Thank you for contacting us. Please note that We don’t use the JS file anywhere in our code. It’s part of the package’s GUI which is not used in the project and we only use PHP part of the package.

    So it is a false positive and there is no need to worry about this. I have reported this to our team and they will take care of this.

    Best regards

Viewing 1 replies (of 1 total)

The topic ‘Security Issue: Outdated jQuery in Otter Blocks Plugin’ is closed to new replies.

  • 1 reply
  • 2 participants
  • Last reply from: Kush
  • Last activity: 8 months ago
  • Status: resolved