Vulnerability | WordPress.org

Resolved espressivo
(@espressivo)

7 months, 3 weeks ago

There is a vulnerability https://patchstack.com/database/wordpress/plugin/hover-effects

Viewing 6 replies - 1 through 6 (of 6 total)

Plugin Contributor DmtLo
(@lobov)

7 months, 3 weeks ago

Hi,
Thanks for reporting this!

The vulnerability has been fixed in version 2.1.3 of the plugin.

Thread Starter espressivo
(@espressivo)

7 months, 3 weeks ago

It says it is still vulnerable https://patchstack.com/database/wordpress/plugin/hover-effects/vulnerability/wordpress-hover-effects-plugin-2-1-2-sql-injection-vulnerability

Plugin Contributor DmtLo
(@lobov)

7 months, 3 weeks ago

The plugin does not use any direct SQL queries.
The Patchstack report is dated June 27, 2025, while the plugin was updated on July 3, 2025, specifically to ensure code safety and address any potential concerns.

Thread Starter espressivo
(@espressivo)

7 months, 3 weeks ago

I understand but it is still reporting vulnerability as of the current version. You might want to talk to patchstack

Plugin Contributor DmtLo
(@lobov)

7 months, 3 weeks ago

Please, check again https://patchstack.com/database/wordpress/plugin/hover-effects/vulnerability/wordpress-hover-effects-plugin-2-1-2-sql-injection-vulnerability

Thread Starter espressivo
(@espressivo)

7 months, 3 weeks ago

Great, thanks! Glad everyone got it all straightened out

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Vulnerability’ is closed to new replies.

10 replies
2 participants
Last reply from: espressivo
Last activity: 7 months, 3 weeks ago
Status: resolved