Question about vulnerability report

  • Hello, we are still see the vulnerability report related to our plugin in Wordfence database.
    Your support mentioned that they have already remove that record, but it’s still there as you can see.
    Please connect with using our email to address the issue asap.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Thanks for getting in touch @ali2woo,

    Our reporting of this seems to be down to a CVE ID being issued, and the vulnerability being verified on Patchstack. Wordfence will report these, even though we weren’t the entity that decided it was a valid vulnerability. I notice that Patchstack currently states, “No fully patched version available.

    It’s best to fully patch the vulnerability and inform Patchstack to verify it as Wordfence Intelligence will, in turn, also update when a fix is confirmed by the vulnerability’s origin source. If you send us the original report to wfi-support @ wordfence . com for review, our team can check that with the latest plugin version to confirm if the issue is patched. For anybody finding this topic, that’s for Wordfence Intelligence only and is not available for plugin support queries.

    Many thanks,
    Peter.

    • This reply was modified 18 hours, 43 minutes ago by James Huff.
    • This reply was modified 18 hours, 40 minutes ago by wfpeter. Reason: Added our WFI email contact details
    Thread Starter ali2woo

    (@ali2woo)

    Could you please send us the proof of the vulnerability? to our email then we can reproduce it and fix it.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.