Vulnerabilities in version 1.3.0.1

  • Resolved Gruskel

    (@elevas33)


    3 years ago

    According to my Plesk server version 1.3.0.1 has the following vulnerabilities:

    WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin < 1.3.0.1 – Sensitive Information Disclosure vulnerability

    WordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin < 1.3.0.1 – Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

    Please fix it…

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Gruskel

    (@elevas33)

    And I think it is not fixed in 1.3.1.

    1.3.1
    Release Date: March 2nd, 2022

    Improvement: Process of link building for future scheduled posts optimized
    Fix: Bug in reordering of keywords in the keyword editor got fixed
    Fix, Pro: Consideration of manually set links works reliably again

    Plugin Contributor Internal Links

    (@internallinkjuicer)

    You received this message from Plesk because it is connected to a vulnerability database.

    We have integrated the Freemius SDK into our plugin, where vulnerabilities have recently become known. These are already patched since our version 1.3.0 and the corresponding message is therefore invalid.

    Please upgrade to the latest version as soon as possible.

    More information about the exact vulnerabilities can be found here:
    https://freemius.com/blog/managing-security-issues-open-source-freemius-sdk-security-disclosure/

    In principle, the security risks are to be taken seriously, but not to be considered critical.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Vulnerabilities in version 1.3.0.1’ is closed to new replies.