Vulnerability

Viewing 1 replies (of 1 total)
  • Plugin Support Milos TMS

    (@milosjovanovicwpdt)

    1 year ago

    Hello,
    As we can see, in that security report, it says there is an SQL injection danger, but only for premium versions and only up to version 6.3.1.

    Our current Premium version is 7.7.1, so there is nothing to worry about, this was fixed since version 6.4.1 and newer versions.

    Now, the reason why this happens is, security Plugins are not able to differentiate between our free/Lite Plugin and premium/full Plugin version – they both have the same slug name as ‘wpdatatables’.

    Our current free\Lite Plugin version is 3.4.2.40, and it does not have any SQL or AJAX functionalities ( The Lite Plugin was never affected)

     – so the Security Plugin can not realise our premium version has gone above version 6.3.1 a long time ago ( the version which had the security issue from that report).

    So this is a false-positive report and we can assure you there is no security threat.

    Unfortunately, you will see that false positive security report until our Lite Plugin gets updated to a version above 6.3.1. However, as mentioned, there is absolutely nothing to worry about in that regard. 

     I hope that helps to clarify what happened. 

    Let us know if you have any questions.

Viewing 1 replies (of 1 total)

The topic ‘Vulnerability’ is closed to new replies.