Hi Mej-
You may want to share this until you get the patch taken care of for 4.1.3. I received the information below from SolidSecurity and Patchstack
FYI: I rolled back, with plugin WP Roolback, to 4,1.2 and got a report this am that it is a lower patchstack Priority.
WordPress Widget Options plugin <= 4.1.2 – Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Patchstack Priority: Low
View in Patchstack 4.1.2
Hi @norwood451,
We appreciate your patience while we work on addressing this vulnerability. We still need to finalize a few changes to ensure there are no issues when updating to the next version.
Regarding the Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability, we have already patched this internally, and you can rest assured that the fix will be included in the upcoming release.
Please let us know if you have any other questions.
Kind Regards,
Mej, Widget Options Team
Hi Mej
Thank you.
I know that that Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability has been patched.
I was pointing out that other Users may want to Roll Back to the older version 4.1.2, as the older version is Patchstack Priority: Low 4.12. compared to the currencdt version which is Patchstack Priority: HIGH 4.1.3.
View in Patchstack 4.1.2
That is what I did using plugin WP Roolback while waiting for the new patch after 4.1.3
Thank you so much again!
David
the rollback plugin is fantastic!
great suggestion!’
thanks
Hi Dear users,
Our team is working to finalize the fix, and we expect to release it within the week. We appreciate your patience as we ensure everything is stable.
Kind regards,
Mej, Widget Options Team
Hi Dear users @norwood451, @christinahills,
A new version has just been released. Have you had a chance to update your Widget Options plugin? If not, please kindly update to the latest version at your earliest convenience.
For details about the new Display Logic Snippet System, please refer to the pinned post here:
https://wordpress.org/support/topic/display-logic-update-version-4-2-0/
If you experienced any issues with version 4.2.0, please kindly create a new topic in our support forum so we can relay the details to our development team and help get it resolved.
Thanks!
Kind Regards,
Mej, Widget Options Team