Security Warning

The issue was fixed in 5.13.1. Please install the latest update.

The information at patchstack is invalid.

Maybe flag it to them then ? We we have messages showing.

WPMU Dev Defender is also showing is a vulnerability issue, probably because all the malware scanners use the same vulnerability databases/API.

WordPress Shortcodes Ultimate plugin <= 5.13.1 – Reflected Cross Site Scripting (XSS) vulnerability

-Vulnerability type: Cross Site Scripting (XSS)
-No Update Available

Yeah. I get the same. Already have latest version.

I’ve contacted Patchstack today. Their chatbot have promised that they will reply on Monday. I hope they will fix this asap.

Please don’t worry. Freemius rep. contacted me about two weeks before the report was published, so this wasn’t a surprise. It was a big collective update of all Freemius-based plugins.

I’m sure the Patchstack’s report will be fixed soon. Anyways, if they won’t update the report, I will publish a new version of the plugin just to eliminate those false-positives.

Even i am getting the following warning from iThemeSecurity, even though i have the latest version of the plugin –
Scheduled site scan report: Vulnerable Software

Known Vulnerabilities

• WordPress Shortcodes Ultimate plugin <= 5.13.1 – Reflected Cross Site Scripting (XSS) vulnerability

Hello, I still have this problem. What to do?

Well, it seems Patchstack’s support decided not to respond.

I’m releasing a new version (5.13.2) to suppress security alerts. This should solve the issue.

Thank you.

Thank you for releasing the update and working on getting this cleared up. I have been updating my sites since yesterday. I use PLESK and their WordPress Tool kit is showing that the 5.13.2 shows a vulnerability. erg. Thought you should know. sorry.