ManageWp Reporting Security Issue

  • Resolved Ian

    (@iannich)


    1 year, 11 months ago

    Hi, I use ManageWP on 19 of my client websites. Al of these sites have the latest version of Updraft (1.23.3) installed since last Friday.

    ManageWP is reporting that the installed version has a security issue. The error states: “WordPress UpdraftPlus Plugin 2.22.14-2.23.2 is vulnerable to Broken Access Control”.

    I’m guessing that this is a false positive and relates somehow to the difference in the version number for free (1.23.3) and paid versions (2.23.3) of the plugin.

    Is this something you can resolve or is the issue with ManageWP?

    I will report this issue with ManageWP as well.

    Regards, Ian

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Ian

    (@iannich)

    I received a reply from ManageWP support, extract below:

    The Updraft plugin vulnerability warning is a false-positive warning that can be safely ignored. It appears that PatchStack, our 3rd party vulnerability database, hasn’t received the proper update. However, our developers are aware of the issue and they are actively working on resolving it. I am unable to promise an ETA since I am not aware of their workflow, I hope you understand. Hopefully, the issue will be resolved in the next 48h at most. I apologize for the inconvenience.

    Came here to mention it too. Thanks for the update, Ian.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘ManageWp Reporting Security Issue’ is closed to new replies.