Title: Security vulnerability Last modified: December 9, 2024 --- # Security vulnerability * Resolved [wpo9256](https://wordpress.org/support/users/wpo9256/) * (@wpo9256) * [1 year, 6 months ago](https://wordpress.org/support/topic/security-vulnerability-161/) * Hello, like in version 3.0.1 there is unfortunately still a security risk detected in version 3.0.2: * [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/weather-atlas/weather-atlas-widget-301-unauthenticated-cross-site-scripting](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/weather-atlas/weather-atlas-widget-301-unauthenticated-cross-site-scripting) Viewing 6 replies - 1 through 6 (of 6 total) * [ratputin](https://wordpress.org/support/users/ratputin/) * (@ratputin) * [1 year, 5 months ago](https://wordpress.org/support/topic/security-vulnerability-161/#post-18228566) * SolidWP/Patchstack is still reporting the issue as well: [https://patchstack.com/database/wordpress/plugin/weather-atlas/vulnerability/wordpress-weather-atlas-widget-plugin-3-0-1-cross-site-scripting-xss-vulnerability?_a_id=431](https://patchstack.com/database/wordpress/plugin/weather-atlas/vulnerability/wordpress-weather-atlas-widget-plugin-3-0-1-cross-site-scripting-xss-vulnerability?_a_id=431) * [djenk](https://wordpress.org/support/users/djenk/) * (@djenk) * [1 year, 4 months ago](https://wordpress.org/support/topic/security-vulnerability-161/#post-18241292) * Info from Wordfence: [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/weather-atlas/weather-atlas-widget-301-unauthenticated-cross-site-scripting](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/weather-atlas/weather-atlas-widget-301-unauthenticated-cross-site-scripting) * [Ken Sim](https://wordpress.org/support/users/kwsim539/) * (@kwsim539) * [1 year, 4 months ago](https://wordpress.org/support/topic/security-vulnerability-161/#post-18241597) * You marked a previous support post with a similar vulnerability issue as resolved, but it seems this XSS vulnerability remains even on this 3.0.2 version. Do you have any plans to address this? * [https://patchstack.com/database/wordpress/plugin/weather-atlas/vulnerability/wordpress-weather-atlas-widget-plugin-3-0-1-cross-site-scripting-xss-vulnerability](https://patchstack.com/database/wordpress/plugin/weather-atlas/vulnerability/wordpress-weather-atlas-widget-plugin-3-0-1-cross-site-scripting-xss-vulnerability) * Plugin Author [Weather Atlas](https://wordpress.org/support/users/weatheratlas/) * (@weatheratlas) * [11 months, 1 week ago](https://wordpress.org/support/topic/security-vulnerability-161/#post-18544004) * [https://patchstack.com/database/wordpress/plugin/weather-atlas/vulnerability/wordpress-weather-atlas-widget-plugin-3-0-1-cross-site-scripting-xss-vulnerability](https://patchstack.com/database/wordpress/plugin/weather-atlas/vulnerability/wordpress-weather-atlas-widget-plugin-3-0-1-cross-site-scripting-xss-vulnerability) * v3.0.4 is fixed.  * Update to version 3.0.4 (or later). * [Ken Sim](https://wordpress.org/support/users/kwsim539/) * (@kwsim539) * [11 months, 1 week ago](https://wordpress.org/support/topic/security-vulnerability-161/#post-18544570) * [@weatheratlas](https://wordpress.org/support/users/weatheratlas/) – Thanks for finally getting around to fixing this. Unfortunately, I could leave my clients’ websites exposed to this vulnerability for the past 7 months, so I was forced moved them to a different plugin that keeps their code updated more regularly. - This reply was modified 11 months, 1 week ago by [Ken Sim](https://wordpress.org/support/users/kwsim539/). * [splendorcom](https://wordpress.org/support/users/splendorcom/) * (@splendorcom) * [11 months, 1 week ago](https://wordpress.org/support/topic/security-vulnerability-161/#post-18545495) * Thanks for fixing it! Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘Security vulnerability’ is closed to new replies. * ![](https://ps.w.org/weather-atlas/assets/icon-256x256.png?rev=1682546) * [Weather Atlas Widget](https://wordpress.org/plugins/weather-atlas/) * [Frequently Asked Questions](https://wordpress.org/plugins/weather-atlas/#faq) * [Support Threads](https://wordpress.org/support/plugin/weather-atlas/) * [Active Topics](https://wordpress.org/support/plugin/weather-atlas/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/weather-atlas/unresolved/) * [Reviews](https://wordpress.org/support/plugin/weather-atlas/reviews/) * 11 replies * 6 participants * Last reply from: [splendorcom](https://wordpress.org/support/users/splendorcom/) * Last activity: [11 months, 1 week ago](https://wordpress.org/support/topic/security-vulnerability-161/#post-18545495) * Status: resolved