False positive “Critical Alert” from Wordfence

  • Anonymous User 8859655

    (@anonymized-8859655)


    6 years, 8 months ago

    A heads-up that Wordfence is now reporting V3.1.4 of the plugin as ‘abandoned’ due to no updates in 2 years, which is understandable and not an issue.

    More of a concern, they’re flagging the abandonment as a “Critical” issue due to an unpatched security issue – https://wpvulndb.com/vulnerabilities/8253 – even though this is allegedly fixed in 3.1.4

    I’m 99% sure this is a Wordfence issue and have raised a ticket with them already.

Viewing 4 replies - 1 through 4 (of 4 total)

  • Same here but anyway we the users should be warned if the plugin is compatible with the latest WordPress version. Could the author kindly let us know if he will update no more this plugin? Thank you

    Thread Starter Anonymous User 8859655

    (@anonymized-8859655)

    @kkriss, I found that uninstalling and reinstalling the plugin changed the Wordfence’s “Critical” error to a plain “Warning”. I can’t exactly explain why.

    WordFence think that the “v” in the version number may be confusing things.

    Yes, it would be good to know if this will be maintained in future.

    @roddyp Not too important what Wordfence says, but I don’t want to let plugins not updated in my installations, too dangerous.

    I’m also getting the warning from Wordfence. Although it’s unlikely that this means the plugin is a security risk, I’d be more comfortable running it if it was tested with the latest WordPress.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘False positive “Critical Alert” from Wordfence’ is closed to new replies.