Title: Vulnerability Reported on WordFence Last modified: May 25, 2023 --- # Vulnerability Reported on WordFence * Resolved [sara.mansouri](https://wordpress.org/support/users/saramansouri/) * (@saramansouri) * [2 years, 11 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/) - **Plugin Name: **Scripts n Styles - **Current Plugin Version: **3.5.2 - **Details: **To protect your site from this vulnerability, the safest option is to deactivate and completely remove “Scripts n Styles” until a patched version is available. [Get more information.(opens in new tab)](https://www.wordfence.com/help/?query=scan-result-plugin-vulnerable) - **Repository URL: **[https://wordpress.org/plugins/scripts-n-styles(opens in new tab)](https://wordpress.org/plugins/scripts-n-styles) - **Vulnerability Information: **[https://www.wordfence.com/threat-intel/vulnerabilities/id/a86d8f97-54dc-4c6b-92c0-05a8625cc073?source=plugin(opens in new tab)](https://www.wordfence.com/threat-intel/vulnerabilities/id/a86d8f97-54dc-4c6b-92c0-05a8625cc073?source=plugin) - **Vulnerability Severity: **3.3/10.0 Viewing 6 replies - 1 through 6 (of 6 total) * Plugin Author [WraithKenny](https://wordpress.org/support/users/wraithkenny/) * (@wraithkenny) * [2 years, 11 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/#post-16769802) * “This only impacts multi-site installations and installations where unfiltered_html has been disabled.” * This is a weird report, since the code in my plugin entire admin code is completely disabled when unfiltered_html is disabled. * Plugin Author [WraithKenny](https://wordpress.org/support/users/wraithkenny/) * (@wraithkenny) * [2 years, 11 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/#post-16769804) * I appreciate you giving me that link, since I wasted a whole 8 hrs trying to refactor my code to find a vulnerability that’s certainly a false positive. * Plugin Author [WraithKenny](https://wordpress.org/support/users/wraithkenny/) * (@wraithkenny) * [2 years, 11 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/#post-16771695) * I’ve release 3.5.3, which disables the plugin completely if DISALLOW_UNFILTERED_HTML is set to true, and also disables the old code for upgrading meta data with the old key. * This should remove any surface for the reported vulnerability. * Plugin Author [WraithKenny](https://wordpress.org/support/users/wraithkenny/) * (@wraithkenny) * [2 years, 11 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/#post-16771696) * closing * Thread Starter [sara.mansouri](https://wordpress.org/support/users/saramansouri/) * (@saramansouri) * [2 years, 10 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/#post-16787716) * Thank you [@wraithkenny](https://wordpress.org/support/users/wraithkenny/) for taking care of the issue and fixing it in a timely manner. * Plugin Author [WraithKenny](https://wordpress.org/support/users/wraithkenny/) * (@wraithkenny) * [2 years, 10 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/#post-16789747) * Not completely solved, but the company that reported the vulnerability has reached out to me. Viewing 6 replies - 1 through 6 (of 6 total) The topic ‘Vulnerability Reported on WordFence’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/scripts-n-styles_46515d.svg) * [Scripts n Styles](https://wordpress.org/plugins/scripts-n-styles/) * [Frequently Asked Questions](https://wordpress.org/plugins/scripts-n-styles/#faq) * [Support Threads](https://wordpress.org/support/plugin/scripts-n-styles/) * [Active Topics](https://wordpress.org/support/plugin/scripts-n-styles/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/scripts-n-styles/unresolved/) * [Reviews](https://wordpress.org/support/plugin/scripts-n-styles/reviews/) * 9 replies * 2 participants * Last reply from: [WraithKenny](https://wordpress.org/support/users/wraithkenny/) * Last activity: [2 years, 10 months ago](https://wordpress.org/support/topic/vulnerability-reported-on-wordfence/#post-16789747) * Status: resolved