Vulnerability still present?

@imarkinteractive Thank you so much for bringing this to our attention!

Our devs are currently investigating the issue and will work to get a fix ready to go in v119.

I’ll reach out here as soon as that update is ready to go. ??

BlogVault is also reporting vulnerabilities in Simple URLs (118).

Ah, we’d be happy to take a look at that, too! Could you please send a screenshot of this to [email protected]?

I’ll add that to the vulnerabilities ticket, so we can clear that up ASAP as well.

Hey there, @srikat!

Thank you so much for working with us on this matter, and for your patience while we got it resolved.

Pleased to update that the devs have improved the Shortcode rendering content to prevent the XSS, and your issue should be resolved!

Feel free to reach out with any other comments or questions on this matter, or any matter ??

Any update on when the 120 version will be fixed? It is still vulnerable.

Hi there, @rssddave!

Lasso Lite 121 just released today, with a security fix patching the CSRF vulnerability.

We deeply appreciate your patience and trust while the devs were resolving this issue.

Thank you, and feel free to continue to reach out with any feedback/questions you may have!

• This reply was modified 1 year, 1 month ago by lassoteam.