Store Locator Plus® for WordPress Forums Premier Support Vulnerability Found

Tagged: ,

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • August 20, 2024 at 10:54 AM #83640
    Debbie
    Participant

    I have been receiving notices from my hosting provider that state:

    WordPress Store Locator Plus® for WordPress plugin <= 2311.17.01 – Sensitive Data Exposure vulnerability
    Sensitive Data Exposure vulnerability discovered by Peng Zhou (Patchstack Alliance) in WordPress Plugin Store Locator Plus (versions <= 2311.17.01)

    No update is available to correct this issue yet. It was publicly disclosed on August 12, 2024. It is recommended that we deactivate the plugin, but I am hoping not to need to do that.

    Do you plan to release an update to mitigate this vulnerability soon?

    August 23, 2024 at 8:36 AM #83643
    Debbie
    Participant

    Adding my WPSLP Environment Details:

    • This reply was modified 2 months, 4 weeks ago by Debbie. Reason: Uploading file attachment
    Attachments:
    You must be logged in to view attached files.
    August 24, 2024 at 2:53 PM #83646
    Cici
    Keymaster

    Could you  share what sensitive data exposure was found  as a vulnerability so I can pass it on to the plug-in developer?  He is working on updates as time permits.

     

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.