Security vulnerability | ww.wp.xz.cn

dooza
(@dooza)

5 months, 3 weeks ago

Hi there, Solid Security is reporting that this plugin has a security vulnerability: https://patchstack.com/database/wordpress/plugin/woocommerce-sendinblue-newsletter-subscription/vulnerability/wordpress-sendinblue-for-woocommerce-plugin-4-0-49-broken-access-control-vulnerability

Can you confirm if this is being addressed?

Viewing 2 replies - 1 through 2 (of 2 total)

Branimir Grbesic
(@bgwebnorth)

5 months, 2 weeks ago

+1

Plugin Author prashant1608
(@prashant1608)

5 months, 2 weeks ago

Hi,
we’ve reviewed the report from Solid Security. Based on the information currently available, the reported issue appears to be low severity and unlikely to be exploited.
That said, we take security seriously. we’ve already made recent improvements to address one of the unauthenticated endpoints in the plugin, and we’re planning a release that includes this fix. we’ll continue to investigate further.

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

2 replies
4 participants
Last reply from: prashant1608
Last activity: 5 months, 2 weeks ago
Status: not resolved