Title: Vulnerable JavaScript libraries
Last modified: October 1, 2021

---

# Vulnerable JavaScript libraries

 *  [glaukabazi](https://wordpress.org/support/users/glaukabazi/)
 * (@glaukabazi)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/vulnerable-javascript-libraries-2/)
 * Dear,
 * Recently i have made a website for a client. After receiving it the client sent
   it through acunetix security check. which as a result brought back this alert
 * —— acunetix alert starts here ——
 *     ```
       Web Server
       Alert group Vulnerable JavaScript libraries
       Severity Medium
       Description
       You are using one or more vulnerable JavaScript libraries. One or more vulnerabilities were reported for this version of the library. Consult Attack details and Web References for more information about the affected library and the vulnerabilities that were reported.
       Recommendations Upgrade to the latest version.
       Alert variants
       4
       Details
       jQuery 3.1.1
       URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=3.1.1
       Detection method: The library's name and version were determined based on the
       file's CDN URI.
       References:
       https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
       https://mksben.l0.cm/2020/05/jquery3.5.0-xss.html
       https://jquery.com/upgrade-guide/3.5/
       https://api.jquery.com/jQuery.htmlPrefilter/
   
       GET /publikimet/ict/embed/ HTTP/1.1
       Referer: /wp-json/oembed/1.0/embed
       Cookie: wordpress_test_cookie=WP%20Cookie%20check; privacy_embeds=consent
       Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
       Accept-Encoding: gzip,deflate
       User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
       Gecko) Chrome/92.0.4512.0 Safari/537.36
       Connection: Keep-alive
       ```
   
 * —— the end of acunetix alert ——
 * So if i am right, my question here should be how to update this jquery. Cause
   i am not really even understanding what acunetix is requiring here.
 * Thank you so much in advance guys
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fvulnerable-javascript-libraries-2%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 3 replies - 1 through 3 (of 3 total)

 *  [Jacob Peattie](https://wordpress.org/support/users/jakept/)
 * (@jakept)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/vulnerable-javascript-libraries-2/#post-14927767)
 * They’re reporting an out of date version of jQuery, but the URL is not the copy
   of jQuery included with WordPress. You are likely using a theme or plugin that
   is enqueueing its own version of jQuery. This has been bad practice for a long
   time, and I don’t believe it’s even allowed in plugins in the plugin repository,
   so it’s likely a ‘premium’ theme or plugin that’s responsible.
 * First make sure your theme and all your plugins are up to date, and if that doesn’t
   resolve the issue, try using a plugin like [Query Monitor](https://wordpress.org/plugins/query-monitor/)
   to check which theme/plugin is responsible for loading this version of jQuery.
   Once you know, contact the author for assistance in resolving the issue. If you
   need help identifying the script with Query Monitor, you can try asking in it’s
   [support forum](https://wordpress.org/support/plugin/query-monitor/).
    -  This reply was modified 4 years, 8 months ago by [Jacob Peattie](https://wordpress.org/support/users/jakept/).
 *  Thread Starter [glaukabazi](https://wordpress.org/support/users/glaukabazi/)
 * (@glaukabazi)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/vulnerable-javascript-libraries-2/#post-14927787)
 * This is what i am seeing in page source:
 * <link rel=”alternate” type=”application/json+oembed” href=”[http://localhost/s3/wp-json/oembed/1.0/embed?url=http%3A%2F%2Flocalhost%2Fs3%2F&#8221](http://localhost/s3/wp-json/oembed/1.0/embed?url=http%3A%2F%2Flocalhost%2Fs3%2F&#8221);/
   >
 * <link rel=”alternate” type=”text/xml+oembed” href=”[http://localhost/s3/wp-json/oembed/1.0/embed?url=http%3A%2F%2Flocalhost%2Fs3%2F&format=xml&#8221](http://localhost/s3/wp-json/oembed/1.0/embed?url=http%3A%2F%2Flocalhost%2Fs3%2F&format=xml&#8221);/
   >
 *  Thread Starter [glaukabazi](https://wordpress.org/support/users/glaukabazi/)
 * (@glaukabazi)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/vulnerable-javascript-libraries-2/#post-14928342)
 * And can you let me know what is the latest version of this if not 1.0. Thank 
   you very much in advance

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Vulnerable JavaScript libraries’ is closed to new replies.

## Tags

 * [javascript](https://wordpress.org/support/topic-tag/javascript/)
 * [vulnerable](https://wordpress.org/support/topic-tag/vulnerable/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 3 replies
 * 2 participants
 * Last reply from: [glaukabazi](https://wordpress.org/support/users/glaukabazi/)
 * Last activity: [4 years, 8 months ago](https://wordpress.org/support/topic/vulnerable-javascript-libraries-2/#post-14928342)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics