Title: Sever Security Issue
Last modified: April 1, 2026

---

# Sever Security Issue

 *  [Mark](https://wordpress.org/support/users/reviewify/)
 * (@reviewify)
 * [1 month, 3 weeks ago](https://wordpress.org/support/topic/sever-security-issue/)
 * I’ve had the following security notification from Patchstack. Is this being addressed?
 * The vulnerability has been detected in **Auto Post Scheduler (Plugin)**:
    - Vulnerability: **WordPress Auto Post Scheduler plugin <= 1.84 – Cross-Site
      Request Forgery to Stored Cross-Site Scripting via aps_options_page vulnerability**.
    - Severity: **High**.

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsever-security-issue%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://s.w.org/plugins/geopattern-icon/auto-post-scheduler_bfcacf.svg)
 * [Auto Post Scheduler](https://wordpress.org/plugins/auto-post-scheduler/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/auto-post-scheduler/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/auto-post-scheduler/)
 * [Active Topics](https://wordpress.org/support/plugin/auto-post-scheduler/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/auto-post-scheduler/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/auto-post-scheduler/reviews/)

 * 0 replies
 * 1 participant
 * Last reply from: [Mark](https://wordpress.org/support/users/reviewify/)
 * Last activity: [1 month, 3 weeks ago](https://wordpress.org/support/topic/sever-security-issue/)
 * Status: not resolved