Vulnerability Notification from Wordfence

Hello @ma3ry,

Kindly confirm that you are using the same version I shared below. Please download the plugin from this link and re-install into your website after deleting the previous plugin.

Download Now

Let us know if the issues still persist. We will help you out.

Thanks & Regards,
WP Experts Support Team

Thank you for the quick response.

I checked the version # before I deleted the plugin. It was 4.2.9. I then uploaded the version from the link you sent and it was also 4.2.9.

I then checked the scan results on Wordfence and it showed the security vulnerability as of January 10. I marked it as “fixed” and then ran another scan with the new plugin installed. It is now showing

• The Plugin “APIExperts Square for WooCommerce” has a security vulnerability. Type: Plugin Vulnerable

• Issue Found 12 January 2024 9:15 am Critical

There is also a new notification as follows:

• The Plugin “WooCommerce” has a security vulnerability. Type: Plugin Vulnerable
• Issue Found 12 January 2024 9:15 am Critical

Perhaps they are related?

I just received an email with links as follows:

Critical Problems:

* The Plugin “APIExperts Square for WooCommerce” has a security vulnerability.

Vulnerability Severity: 5.3/10.0 (Medium)?Vulnerability Information
https://www.ads-software.com/plugins/woosquare/#developers

* The Plugin “WooCommerce” has a security vulnerability.
Vulnerability Severity: 6.1/10.0 (Medium)?Vulnerability Information
https://www.ads-software.com/plugins/woocommerce/#developers

• This reply was modified 1 year, 1 month ago by ma3ry.
• This reply was modified 1 year, 1 month ago by ma3ry.

Hello @ma3ry,

To escalate your case, please create a ticket on our official website. So that we can connect you directly with our Technical team.

Looking forward to getting your issue resolved.

Hope to hear from you soon.

Thanks

I have done as you requested.

Thank you.

We are unable to see your ticket. Can you please share the ticket number here?

We got your ticket now. Our representative will follow-up soon.

Thanks

This issue seems to have resolved itself. I did another scan and nothing showed up. Thanks for everything!

Thanks for the update.

For the third time I have received notification from Wordfence

Critical Problems:

* The Plugin “WC Shop Sync – Connect Square with WooCommerce” has a security vulnerability.

Vulnerability Severity: 5.3/10.0 (Medium) Vulnerability Information
https://www.ads-software.com/plugins/woosquare/#developers

This is with regard to the same website springvalleymaple.ca. Nothing has changed from the original ticket request from 9 months ago and again from 4 months ago. Please tell me when this will be resolved. Thank you

Hello @ma3ry ,

Really sorry for the inconvenience.

I had forwarded this query to our technical team. They are looking into it as a priority and we will update you soon here.

Thanks

Hello @ma3ry ,

Thanks for your patience.

Our technical team identified that Wordfence is actually referencing the Patchstack vulnerability database, which is not up to date. So we are in discussion with the Patchstack and Wordfence teams to update their database.

We will keep you posted once we receive any update from them.

Thanks

Many thanks!!!!

My Pleasure!

Hello @ma3ry ,

Hope you are doing well.

We were in contact with Patchstack team for this vulnerability issue. Here is following link below for reference.

Vulnerability Updates

Also, they have updated the status as you can see in above link.

Let me know if you have any further questions. We are here to help you.

Thanks.

Much appreciated!