Vulnerability | ww.wp.xz.cn

Pexle Chris
(@pexlechris)

3 months, 4 weeks ago

Hello. HHave you fix this vulnerabiliy

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/variable-inspector/variable-inspector-263-missing-authorization

?

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Author Bowo
(@qriouslad)

3 months, 4 weeks ago

@pexlechris yes, it was patched in v2.6.3: https://ww.wp.xz.cn/plugins/variable-inspector/#developers (changelog)

However, I think I did not remember to submit the patch via Pathstack’s official report page, so, it sort of fell into a limbo zone, and Wordfence ended up marking it as unpatched. I’m in touch with Pathstack on how to best resolve this at this point. Will report back when and if I hear back and/or has managed to resolve the issue with Pathstack.

Thread Starter Pexle Chris
(@pexlechris)

1 month, 3 weeks ago

I got again this valnerability info from Wordfence email. Have you contact Wordfence and Pathstack?

Plugin Author Bowo
(@qriouslad)

6 days, 2 hours ago

@pexlechris Apologies for the belated reply. Apparently the patch previously submitted was incomplete and their reply fall within the cracks in my inbox. I’ve taken another look and have submitted an updated patch. Pending their verification, I’ve also published the patch in v2.7.1. Pretty confident this should resolve the issue. Please test.

Viewing 3 replies - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

3 replies
2 participants
Last reply from: Bowo
Last activity: 6 days, 2 hours ago
Status: not resolved