A high risk vulnerability was found in Calculated Fields Form

  • Resolved dorier75

    (@dorier75)


    2 years, 2 months ago

    Good morning,

    We receive several emails from our SSL system about your plugin:

    “A high risk vulnerability was found in Calculated Fields Form. Depending on your settings, Really Simple SSL will take appropriate actions, or you will need to resolve the issue manually. Get more information from the Really Simple SSL dashboard on…”

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author codepeople

    (@codepeople)

    2 years, 2 months ago

    Thank you very much for using our plugin.

    Could you please contact us directly via the plugin website with details of the vulnerability notice you have received so that we can check it and make the necessary modifications to the plugin?

    https://cff.dwbooster.com/contact-us

    Please include, in addition to the description of the issue, the plugin version you are using.

    Thank you.

    Plugin Author codepeople

    (@codepeople)

    2 years, 2 months ago

    Hello @dorier75

    Thank you for providing the details. The vulnerability reported by “Really Simple SSL” relates to version 5.1.57 of the plugin, which is an outdated commercial distribution version (5.1.56). The issue was fixed in January 2022. Please note that plugin versions with numbers in the format 1.x.x belong to the free distribution you can download directly from the WordPress directory, while the Professional version is 5.x.x.

    Best regards.

    Thread Starter dorier75

    (@dorier75)

    2 years, 2 months ago

    So the current free version Version 1.2.57 has security vulnerabilities according to SSL system messages?

    Plugin Author codepeople

    (@codepeople)

    2 years, 2 months ago

    Hello @dorier75,

    Only the Professional version before January 2022 is affected, not the free version 1.2.57.

    Best regards.

    Thread Starter dorier75

    (@dorier75)

    2 years, 2 months ago

    So the free version has a significant security flaw, this is unacceptable, we are forced to uninstall

    Plugin Author codepeople

    (@codepeople)

    2 years, 2 months ago

    Hello @dorier75,

    No, the free version of the plugin in the WordPress directory has been never affected by this problem because it does not process the data on the server side. The issue was related to the Professional versions before January 2022. You are receiving the alert because the schema of version numbers in the Professional and Free plugin distributions are different.

    Best regards.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘A high risk vulnerability was found in Calculated Fields Form’ is closed to new replies.