Security issue found

  • Resolved earrame

    (@earrame)


    2 years, 3 months ago

    A security issue has been found and I am hoping that you can resolve it so we don’t have to find another to use.

    “WordPress Social Media Widget Plugin <= 4.0 – Remote File Inclusion”

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author Mej de Castro

    (@mej)

    Hi @earrame ,

    Thanks for reaching out ??

    Can you please give us more insights? Is the Widget Options Plugin conflicting with the WordPress Social Media Widget Plugin?

    Thank you and I’ll be waiting for the further information.

    -Mej

    Thread Starter earrame

    (@earrame)

    I disabled the Widget Options Plugin and ran the security scan again and it came up with the same error.
    “WordPress Social Media Widget Plugin <= 4.0 – Remote File Inclusion”
    The scan is being done by ManageWP that I believe is using WP Scan. When I click the learn more link, it goes to a 404 page, so I don’t know what to make of that.

    Thread Starter earrame

    (@earrame)

    Here is the information about the vulnerability: https://brightsec.com/blog/file-inclusion-vulnerabilities/#rfi

    Plugin Author Mej de Castro

    (@mej)

    Hi @earrame

    Can you please delete the Widget Options Plugin and see if the same issue resurface?

    Thank you,
    Mej

    Thread Starter earrame

    (@earrame)

    I completely removed the Widget Options plugin and still get the same security warning from ManageWP:

    WordPress Social Media Widget Plugin <= 4.0 – Remote File Inclusion

    Plugin Author Mej de Castro

    (@mej)

    Hi @earrame

    Thank you for your update! In this case, the issue is not from Widget Options plugin. I would highly suggest coordinating this case to WordPress Social Media Widget Plugin authors.

    Thank you,
    Mej

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Security issue found’ is closed to new replies.