Vulnerability still present?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Contributor lassoteam

    (@lassoteam)

    2 years, 8 months ago

    @imarkinteractive Thank you so much for bringing this to our attention!

    Our devs are currently investigating the issue and will work to get a fix ready to go in v119.

    I’ll reach out here as soon as that update is ready to go. 🙂

    Sridhar Katakam

    (@srikat)

    2 years, 8 months ago

    BlogVault is also reporting vulnerabilities in Simple URLs (118).

    Plugin Contributor lassoteam

    (@lassoteam)

    2 years, 8 months ago

    Ah, we’d be happy to take a look at that, too! Could you please send a screenshot of this to [email protected]?

    I’ll add that to the vulnerabilities ticket, so we can clear that up ASAP as well.

    Plugin Contributor lassoteam

    (@lassoteam)

    2 years, 7 months ago

    Hey there, @srikat!

    Thank you so much for working with us on this matter, and for your patience while we got it resolved.

    Pleased to update that the devs have improved the Shortcode rendering content to prevent the XSS, and your issue should be resolved!

    Feel free to reach out with any other comments or questions on this matter, or any matter 🙂

    rsddave

    (@rsddave)

    2 years, 7 months ago

    Any update on when the 120 version will be fixed? It is still vulnerable.

    Plugin Contributor lassoteam

    (@lassoteam)

    2 years, 7 months ago

    Hi there, @rssddave!

    Lasso Lite 121 just released today, with a security fix patching the CSRF vulnerability.

    We deeply appreciate your patience and trust while the devs were resolving this issue.

    Thank you, and feel free to continue to reach out with any feedback/questions you may have!

    • This reply was modified 2 years, 7 months ago by lassoteam.
Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Vulnerability still present?’ is closed to new replies.