Known Vulnerabilities according to iThemes security

  • Resolved ibaifernandez

    (@ibaifernandez)


    1 year, 7 months ago

    Hi all.

    According to the iThemes security plugin, ElementsKit has been having known vulnerabilities for a while. These are them

    1. WordPress Premium Addons PRO plugin <= 2.9.0 – Broken Access Control vulnerability
    2. WordPress Premium Addons PRO plugin <= 2.9.0 – Sensitive Data Exposure vulnerability

    Are they known to the community? Are they known to the developers? Is some quick fix awaiting around the corner? Is the iThemes security plugin mistaken?

    Cheers!

    ~IF

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support Ahmed Amir Hossain

    (@ahmedamir)

    Hi @ibaifernandez,

    Thanks for reaching out to us.

    Could you please send us more details about this Vulnerability issue? If possible please send us a screenshot, video, or any link of how you have got this vulnerability issue. We will investigate and inform you of the update ASAP.

    Waiting for your response.

    Regards,
    Amir

    Thread Starter ibaifernandez

    (@ibaifernandez)

    Hi, @ahmedamir

    You’re gonna have to forgive me big time. I don’t know what went thru our mind, but I got the plugin wrong ?? My deepest and most sincere apologies for having raised worries. I will go to penance, now ??

    Cheers,

    ~IF

    Plugin Support Ahmed Amir Hossain

    (@ahmedamir)

    Hi @ibaifernandez,

    Hope you are doing fine. We are very much concerned about our plugin. If any of our users raise an issue and the issue is detected by our investigation. We try to resolve the issue without any delay.

    So if you get any issue please share the details of the issue. We will check the issue and let you know the update as soon as possible.

    Regards,
    Amir

    Thread Starter ibaifernandez

    (@ibaifernandez)

    Dear @ahmedamir,

    Thing is that I get confused among so many different plugins which have very similar names. Whichever the case, the one plugin givin’ me problems recently released an updated version, so the iThems Security plugin is not yielding any more warnings. Thus, I believe there’s no issue with any plugin (such as yours) anymore.

    Once again, aplogies for the inconvenience.

    Cheers!

    ~IF

    This fix was promised 2 months ago according to this page:
    https://patchstack.com/database/vulnerability/elementskit-lite/wordpress-elementskit-lite-plugin-2-9-0-broken-access-control-vulnerability?_a_id=431

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Known Vulnerabilities according to iThemes security’ is closed to new replies.