has a security vulnerability.

  • Resolved Rich99

    (@rich99)


    3 months, 3 weeks ago

    Hello,

    We have wordfence, been told:

    The Plugin “wpDataTables – Tables & Table Charts” has a security vulnerability.

    Can this be fixed? thx

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author wpDataTables

    (@wpdatatables)

    Hello,
    We are aware of this report, it has been sent to us by other users.
    As we can see from the report, it states that vulnerability was found in the?premium?version of wpDataTables version?6.3.1, so that premium version and the ones before that can be affected.

    The Lite version of our Plugin does not have these functionalities (such as SQL based tables), so Lite version was never affected.
    Those reports are not related to the Lite version, but they can be reported in the lite version because the resources where this information about themes or plugins vulnerabilities are stored are generated by the theme or the plugin slug. Those slugs are the same in both lite and the full version, and because of that, you get those notifications.

    The important thing is that there’s nothing to worry about. Newer versions of the wpDataTable?premium?don’t have these issues, ( the latest one at the time of this reply is 7.0.1) and our Lite plugin versions never did.

    Unfortunately, until wpDataTables Lite goes above version 6.3.1 these reports will indicate a false positive. The lite and the full version have the same slug (wpdatatables), and that’s why the security plugins can’t differentiate between the versions.

    I hope this helps, let us know if anything is unclear.

    Thank you.

    Thread Starter Rich99

    (@rich99)

    thanks for the quick reply and details and what has happened – brilliant. Will continue using the plugin. thanks

    Plugin Author wpDataTables

    (@wpdatatables)

    Hello,
    You’re welcome, we are happy to advise.
    If you notice anything else we should take a look at, please don’t hesitate to create new posts.

    Kind regards.

    Why not just rename the free version to “wpDataTables Lite” to avoid the false positives altogether?

    Plugin Author wpDataTables

    (@wpdatatables)

    Hello @sklarwebhost,
    Thank you for your feedback.
    Our developers attempted to rename the slug for the Lite version to help these security plugins differentiate it. However, this caused issues during implementation, so this solution is not feasible at the moment. Rest assured, our developers are working hard to find an alternative.

    Unfortunately, we cannot provide an ETA or specific details about the solution at this time.

    We apologize for the inconvenience.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.