Title: Wrong plugin identified as vulnerable
Last modified: April 24, 2023

---

# Wrong plugin identified as vulnerable

 *  Resolved [t.schwarz](https://wordpress.org/support/users/tschwarz-1/)
 * (@tschwarz-1)
 * [3 years, 1 month ago](https://wordpress.org/support/topic/wrong-plugin-identified-as-vulnerable/)
 * I’m using this plugin –
   [https://de.wordpress.org/plugins/google-sitemap-generator/](https://de.wordpress.org/plugins/google-sitemap-generator/)–
   and WP Vulnerability is showing it as vulnerable based on the vulnerability info
   for this plugin –[https://wordpress.org/plugins/sitemap/](https://wordpress.org/plugins/sitemap/)
   Took me bit to figure that out based on the version info, so I imagine it will
   be much more confusing for less technically savvy users.I’m assuming this not
   actually a bug but related to some ID mistakenly entered into a report form. 
   Can this be fixed? Is this kind of error a problem that is expected to occur 
   more often?Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)

 *  Plugin Author [Javier Casares](https://wordpress.org/support/users/javiercasares/)
 * (@javiercasares)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/wrong-plugin-identified-as-vulnerable/#post-16849584)
 * This is something done by that plugin… there is not really a vulnerability.
 * I’m checking how to not have those kinds of false positives.
 *  Plugin Author [Javier Casares](https://wordpress.org/support/users/javiercasares/)
 * (@javiercasares)
 * [2 years, 9 months ago](https://wordpress.org/support/topic/wrong-plugin-identified-as-vulnerable/#post-17043226)
 * It should be fixed after 2.1+
 *  [Michał Dudziński](https://wordpress.org/support/users/fotoduda/)
 * (@fotoduda)
 * [2 years, 5 months ago](https://wordpress.org/support/topic/wrong-plugin-identified-as-vulnerable/#post-17303481)
 * Hello,
 * I have a similar problem. [ai-engine](https://wordpress.org/plugins/ai-engine/)
   plugin is being recognised with having a vulnerability in version below 4.7.8,
   when in fact it the latest version is 2.1.3.
 * The vulnerability details suggest the affected plugin is called WordPress Chatbot,
   AI Chatbot or WPBot Lite, not the AI Engine plugin.
 * Is it a case of a mismatched ID as well?
 *  Plugin Author [Javier Casares](https://wordpress.org/support/users/javiercasares/)
 * (@javiercasares)
 * [2 years, 4 months ago](https://wordpress.org/support/topic/wrong-plugin-identified-as-vulnerable/#post-17332696)
 * Hello [@fotoduda](https://wordpress.org/support/users/fotoduda/)
 * It should be solved. If there is any message or error, please, tell us and we
   will check again.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Wrong plugin identified as vulnerable’ is closed to new replies.

 * ![](https://ps.w.org/wpvulnerability/assets/icon.svg?rev=3387690)
 * [WPVulnerability](https://wordpress.org/plugins/wpvulnerability/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wpvulnerability/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wpvulnerability/)
 * [Active Topics](https://wordpress.org/support/plugin/wpvulnerability/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wpvulnerability/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wpvulnerability/reviews/)

 * 6 replies
 * 3 participants
 * Last reply from: [Javier Casares](https://wordpress.org/support/users/javiercasares/)
 * Last activity: [2 years, 4 months ago](https://wordpress.org/support/topic/wrong-plugin-identified-as-vulnerable/#post-17332696)
 * Status: resolved