Support » Plugin: Wordfence Security - Firewall & Malware Scan » Is jQuery 1.12.4 safe?

  • Resolved anthonyfletchers

    (@anthonyfletchers)


    HI,

    Penetration testing on our servers has revealed that our site(s) are using jQuery 1.12.4, which is used by Wordfence. The Pen-testers have said that there are XSS vulnerabilities with this version of jQuery. (which is also reported here:
    https://snyk.io/test/npm/jquery/1.12.4)

    My question is:
    1) Are the vulnerabilities reported in jQuery 1.12.4 *really* an issue, considering Wordfence is sitting in the way?

    If so, do I have to update the version of jQuery currently in use by Wordfence? (Or will there be an upcoming patch soon?)

    Many thanks in advance,

    Anthony

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.