Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #83640
    Debbie
    Participant

    I have been receiving notices from my hosting provider that state:

    WordPress Store Locator Plus® for WordPress plugin <= 2311.17.01 – Sensitive Data Exposure vulnerability
    Sensitive Data Exposure vulnerability discovered by Peng Zhou (Patchstack Alliance) in WordPress Plugin Store Locator Plus (versions <= 2311.17.01)

    No update is available to correct this issue yet. It was publicly disclosed on August 12, 2024. It is recommended that we deactivate the plugin, but I am hoping not to need to do that.

    Do you plan to release an update to mitigate this vulnerability soon?

    #83643
    Debbie
    Participant

    Adding my WPSLP Environment Details:

    • This reply was modified 1 month, 3 weeks ago by Debbie. Reason: Uploading file attachment
    Attachments:
    You must be logged in to view attached files.
    #83646
    Cici
    Keymaster

    Could you  share what sensitive data exposure was found  as a vulnerability so I can pass it on to the plug-in developer?  He is working on updates as time permits.

     

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.