Vulnerability? | WordPress.org

Resolved mangoman
(@mangoman)

2 months ago

Wordfence reported a documented Cross-Site Request Forgery (CSRF) vulnerability via Patchstack: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/simple-post-template/simple-content-templates-for-blog-posts-pages-2261-cross-site-request-forgery

Is there a plan to update the plugin with a bug fix, or is this Ok/acceptable? @clifgriffin @nodleredoy

The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author Clifton Griffin
(@clifgriffin)

2 months ago

Hi @mangoman – this vulnerability was rated as low severity by Patchstack with no action needed for users.

But we should fix this and we will! I have made some preliminary fixes and I’ll work with @nodleredoy to get this out soon.

Thread Starter mangoman
(@mangoman)

2 months ago

Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

3 replies
2 participants
Last reply from: mangoman
Last activity: 2 months ago
Status: resolved