The Plugin “JQuery Mega Menu Widget” appears to be abandoned?
-
Wordfence is reporting the following:
The Plugin “JQuery Mega Menu Widget” appears to be abandoned (updated November 2, 2012, tested to WP 3.4.2).
Plugin Name: JQuery Mega Menu Widget
Plugin Website: https://www.designchemical.com/blog/index.php/wordpress-plugins/wordpress-plugin-jquery-mega-menu-widget/
Repository Link: https://www.ads-software.com/plugins/jquery-mega-menu
Current Plugin Version: 1.3.10
Last Updated: November 2, 2012
Severity: Critical
Vulnerability Information: https://wpvulndb.com/vulnerabilities/6417
Status NewPlugin has unpatched security issues.
It was last updated 5 years 2 months ago and tested up to WordPress 3.4.2. It has unpatched security issues and may have compatibility problems with the current version of WordPress. Get more information.
The “Vulnerability Information” points to https://www.owasp.org/index.php/Top_10_2013-A1-Injection
And there’s this: https://www.exploit-db.com/exploits/16250/
Those are dealing with 1.0. Is 1.3.10 vulnerable? If so, are you going to update the plugin so that it is no longer vulnerable?
Thanks.
- The topic ‘The Plugin “JQuery Mega Menu Widget” appears to be abandoned?’ is closed to new replies.
