vulnerable WP Fluent Forms plugin found

  • Resolved Ahmed

    (@massdesigners)


    3 years, 6 months ago

    Hello,
    My SUCURI scanner detected this, is it soemthing I need to worry about or false postive?
    I know that fluentform.php is not installed, but maybe the scanner takes the version of plugin from the refernce compatibility php line.

    vulnerable WP Fluent Forms plugin found at ./wp-content/plugins/wp-hide-security-enhancer/compatibility/fluentform.php – Version: 3.5.5 Please update this plugin immediately: https://wpscan.com/vulnerability/16070387-e2b2-4b97-8cd8-cc2db80a3995

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Contributor Maya

    (@tdgu)

    Hi,
    Thanks for your message, you are correct the scanner takes the plugin version from the compatibility file headers, which is wrong, so there isn’t an actual vulnerability in the code.
    We’ll just update the files and remove those headers to avoid further false alarms.

    Thanks

    Thread Starter Ahmed

    (@massdesigners)

    no problem. Thank you for replay ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘vulnerable WP Fluent Forms plugin found’ is closed to new replies.