Title: Vulnerable Plugin
Last modified: March 1, 2022

---

# Vulnerable Plugin

 *  Resolved [ZLC](https://wordpress.org/support/users/kindnessville/)
 * (@kindnessville)
 * [4 years, 3 months ago](https://wordpress.org/support/topic/vulnerable-plugin-4/)
 * Heads up: Jetpack Scan is creating a warning about “threats found” with this 
   plugin: drop-shadow-boxes and wants to delete the affected file or directory.
 * It won’t give me more details, but you might want to check this out.

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Robert](https://wordpress.org/support/users/bob23894/)
 * (@bob23894)
 * [4 years, 2 months ago](https://wordpress.org/support/topic/vulnerable-plugin-4/#post-15503049)
 * Hi,
 * According WordPress toolkit, in the version 1.7.4 (and/or minus) there are
    “
   Sensitive Information Disclosure vulnerability” and “Toggle The Debug Mode via
   Cross-Site Request Forgery (CSRF) vulnerability.
 * Thank you
 *  Plugin Author [Steve Henty](https://wordpress.org/support/users/stevehenty/)
 * (@stevehenty)
 * [4 years, 1 month ago](https://wordpress.org/support/topic/vulnerable-plugin-4/#post-15614778)
 * Thanks for letting me know. This should be fixed now.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Vulnerable Plugin’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/drop-shadow-boxes_fdffff.svg)
 * [Drop Shadow Boxes](https://wordpress.org/plugins/drop-shadow-boxes/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/drop-shadow-boxes/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/drop-shadow-boxes/)
 * [Active Topics](https://wordpress.org/support/plugin/drop-shadow-boxes/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/drop-shadow-boxes/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/drop-shadow-boxes/reviews/)

 * 2 replies
 * 3 participants
 * Last reply from: [Steve Henty](https://wordpress.org/support/users/stevehenty/)
 * Last activity: [4 years, 1 month ago](https://wordpress.org/support/topic/vulnerable-plugin-4/#post-15614778)
 * Status: resolved