Title: GitHub: possible security vulnerabilities in plugin Last modified: December 28, 2018 --- # GitHub: possible security vulnerabilities in plugin * Resolved [cag8f](https://wordpress.org/support/users/cag8f/) * (@cag8f) * [7 years, 3 months ago](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/) * Hello. I just added your plugin to my site, and pushed the changes to my GitHub repo. GitHub then alerted me that were two potential security vulnerabilities in your plugin files. I’m not sure if you are aware of these or not. If you’d like to know the specifics, I can post them here, or send them to you privately if you’d like. Let me know. * Thanks. Viewing 5 replies - 1 through 5 (of 5 total) * Plugin Author [Sayontan Sinha](https://wordpress.org/support/users/sayontan/) * (@sayontan) * [7 years, 3 months ago](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/#post-11031691) * I just checked – I believe it is a non-issue. The file is auto-generated by Grunt while building the package files at my end, and it just so happens that my local versions of the said dependencies are not recent. * Feel free to send the list to [plugins@wordpress.org](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/plugins@wordpress.org?output_format=md) and see what they come back with. If it is indeed called out as a vulnerability I will act accordingly. * [Geoffrey Shilling](https://wordpress.org/support/users/geoffreyshilling/) * (@geoffreyshilling) * Volunteer Moderator * [7 years, 3 months ago](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/#post-11032081) * [@cag8f](https://wordpress.org/support/users/cag8f/) Please **never** post potential security vulnerabilities on the forums or anywhere public. This ensures the right people make sure there is or is not a problem before it’s made public for others to try and exploit. Please see the information on [reporting plugin security issues](https://developer.wordpress.org/plugins/wordpress-org/plugin-security/reporting-plugin-security-issues/), which includes emailing the plugins team like the Sayontan mentioned. * Thread Starter [cag8f](https://wordpress.org/support/users/cag8f/) * (@cag8f) * [7 years, 3 months ago](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/#post-11032127) * OK thanks. We can consider this resolved. * Plugin Author [Sayontan Sinha](https://wordpress.org/support/users/sayontan/) * (@sayontan) * [7 years, 3 months ago](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/#post-11035452) * A quick update – harmless though it was, you will no longer find the file that was causing the warning. You should be good to go. * Thread Starter [cag8f](https://wordpress.org/support/users/cag8f/) * (@cag8f) * [7 years, 3 months ago](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/#post-11035454) * Sounds good–thanks for the update! Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘GitHub: possible security vulnerabilities in plugin’ is closed to new replies. * ![](https://ps.w.org/photonic/assets/icon.svg?rev=1972449) * [Photonic Gallery & Lightbox for Flickr, SmugMug & Others](https://wordpress.org/plugins/photonic/) * [Frequently Asked Questions](https://wordpress.org/plugins/photonic/#faq) * [Support Threads](https://wordpress.org/support/plugin/photonic/) * [Active Topics](https://wordpress.org/support/plugin/photonic/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/photonic/unresolved/) * [Reviews](https://wordpress.org/support/plugin/photonic/reviews/) * 5 replies * 3 participants * Last reply from: [cag8f](https://wordpress.org/support/users/cag8f/) * Last activity: [7 years, 3 months ago](https://wordpress.org/support/topic/github-possible-security-vulnerabilities-in-plugin/#post-11035454) * Status: resolved