Vulnerability

Hello,

4.3 is a pretty old version. It is recommended to update to the latest 5.x version.

Hello Dan,
regrettably the vulnerability also seems to be in the current version. (5.4.1) as we also got a vulnerability alert from iThemes security plugin. Please see here: https://patchstack.com/database/vulnerability/weight-based-shipping-for-woocommerce/wordpress-woocommerce-weight-based-shipping-plugin-5-4-1-cross-site-request-forgery-csrf-vulnerability?_a_id=431

Thanks.

Ah – I just saw Dan’s reply on another thread – for your information, see here:
https://www.ads-software.com/support/topic/wp-toolkit-reports-vulnerability/

Confirming Jilroxy’s message about the vulnerability in the current version.

What about this information from Wordfence

@mojojojomo, the source is patchstack in all the cases.