Incorrect Level Alert | WordPress.org

Resolved wprun
(@wordpressrun)

10 months, 3 weeks ago

Below is the alert we received:
Medium Severity Problems:
* The Plugin “Sassy Social Share” needs an upgrade (3.3.75 -> 3.3.76).
https://wordpress.org/plugins/sassy-social-share/#developers

For this threat – which was a Critical Security Release.
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/sassy-social-share/social-sharing-plugin-sassy-social-share-3375-reflected-cross-site-scripting-via-heateor-mastodon-share-parameter

Why was this status “Medium Severity”, when it should have been “Critical Security Release” ??

Thanks

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Support wfphil
(@wfphil)

10 months, 2 weeks ago

Hi @wordpressrun

From a test scan we see the scan result marked as Critical. What do you get please if you run a manual scan?

Thread Starter wprun
(@wordpressrun)

10 months, 2 weeks ago

Manual scan shows critical. And notifications for all sites were displaying critical too – except one site had the message I pasted above. Seems like a bug in the notifications system for just some cases of notifications?

Plugin Support wfphil
(@wfphil)

10 months, 2 weeks ago

Hi @wordpressrun

Thank you for the update.

It’s likely this site had a temporary issue reaching our servers and couldn’t fetch the vulnerability data correctly as it didn’t affect your other sites.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Incorrect Level Alert’ is closed to new replies.

4 replies
2 participants
Last reply from: wfphil
Last activity: 10 months, 2 weeks ago
Status: resolved