Plugin Vulnerability
-
Hello team!
I love your plugin, and I recently bought the pro version!
I use Wordfence for security scans, and a recent scan confirmed a vulnerability with the plugin. I can see on Wordfence site that there’s a patched version already, but it appears the vulnerability is on the standard plugin: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/blog-designer-pack/news-blog-designer-pack-wordpress-blog-plugin-341-unauthenticated-remote-code-execution
My pro version is different. There isn’t an update available, and the version differs to the standard plugin version, of course. But it keeps getting flagged in a Wordfence scan. What should I do? Should I remove your pro plugin for the interim? Or is it being shown in error by Wordfence?Many thanks!
-
Hi @samch31
Thanks for reaching out to us and providing the web page link.
I have checked it and Yes, It is a free version which was already updated. Right now there is no vulnerability within the plugin. You can see “Patched” to “Yes” within the provided link.
Also it is for Free version.
Right now in there is no security vulnerability within the plugin.
Also WordPress ORG forum is limited to Free version and its support. If you have any query related to premium version you can reach out to my support.
- You must be logged in to reply to this topic.
