I’m uninstalling this plugin for now. Would be great if the developers could update here when a patch is released.
Details link
“Remediation: No known patch available. Please review the vulnerability’s details in depth and employ mitigations based on your organization’s risk tolerance. It may be best to uninstall the affected software and find a replacement.”
Hello all,
Thanks for reaching out!
We have fixed your queries in the 2.1.4.1 version.
Please upgrade the version to make it work.
Best Regards,
Hitendra & Dotstore Team
Hiya,
Wordfence still identifies this Plugin as having a critical security issue at version 2.1.4.1.
The advice is to “To protect your site from this vulnerability, the safest option is to deactivate and completely remove “Fraud Prevention For Woocommerce” until a patched version is available.”
I have the same with Jetpack Scan even though it shows here as fixed and on the scan history.
https://wpscan.com/vulnerability/35d2f1e7-a4f8-49fd-a8dd-bb2c26710f93
I have reached out to Jetpack as well but haven’t got a response back yet.
