Security bug | WordPress.org

Resolved ottomania
(@ottomania)

3 years, 3 months ago

Hello,

I am using a bank’s virtual pos system on my site.
This bank shared a security report with us
He shared with us the security vulnerabilities of woocommerce as the findings detected on your system are listed in order of priority in the table.
Security scan done by the bank
Cross-Site Request Forgery (CSRF) is stated to be the vulnerability that has the highest risk and needs to be fixed immediately.
Have you done any tests on this?
can you help us to fix this problem

Viewing 1 replies (of 1 total)

Little Package
(@littlepackage)

3 years, 3 months ago

There is an “ethic” about reporting possible security issues. It’s generally not done on public forums. Please read:

https://developer.wordpress.org/plugins/wordpress-org/plugin-security/reporting-plugin-security-issues/

Keep in mind that often businesses use software to estimate the possibility of security flaws existing. Robots scan sites and software looking for clues something might be amiss. They aren’t by any means accurate, and so though the bank might be flagging this, it’s very possibly a false positive.

Viewing 1 replies (of 1 total)

The topic ‘Security bug’ is closed to new replies.

1 reply
2 participants
Last reply from: Little Package
Last activity: 3 years, 3 months ago
Status: resolved