Title: Plugin Vulnerability
Last modified: March 30, 2023

---

# Plugin Vulnerability

 *  Resolved [T.McGuire](https://wordpress.org/support/users/tmcguire/)
 * (@tmcguire)
 * [3 years ago](https://wordpress.org/support/topic/plugin-vulnerability-12/)
 * This plugin was reported today as having a Cross Site Request Forgery (CSRF).
   Would you please check into it so I can safely install it? You can read more 
   about it here: [https://ithemes.com/blog/wordpress-vulnerability-report-march-29-2023/](https://ithemes.com/blog/wordpress-vulnerability-report-march-29-2023/)

Viewing 6 replies - 1 through 6 (of 6 total)

 *  Plugin Author [brianmcculloh](https://wordpress.org/support/users/brianmcculloh/)
 * (@brianmcculloh)
 * [3 years ago](https://wordpress.org/support/topic/plugin-vulnerability-12/#post-16614481)
 * I was not aware of this, thank you for bringing it to my attention. I will look
   into the issue and have a fix in the next update.
 *  [maxidavis](https://wordpress.org/support/users/maxidavis/)
 * (@maxidavis)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerability-12/#post-16714055)
 * Any update on this? It’s still not patched: [https://www.wordfence.com/threat-intel/vulnerabilities/detail/appsero-121-missing-authorization?q=worth](https://www.wordfence.com/threat-intel/vulnerabilities/detail/appsero-121-missing-authorization?q=worth)
 *  Thread Starter [T.McGuire](https://wordpress.org/support/users/tmcguire/)
 * (@tmcguire)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerability-12/#post-16714593)
 * Doesn’t look like it. The last update to the plugin was 4 months ago with no 
   update since.
 *  Plugin Author [brianmcculloh](https://wordpress.org/support/users/brianmcculloh/)
 * (@brianmcculloh)
 * [2 years, 11 months ago](https://wordpress.org/support/topic/plugin-vulnerability-12/#post-16714755)
 * Not yet, still on the docket. Thanks for your patience!
 *  Plugin Author [brianmcculloh](https://wordpress.org/support/users/brianmcculloh/)
 * (@brianmcculloh)
 * [2 years, 8 months ago](https://wordpress.org/support/topic/plugin-vulnerability-12/#post-16947347)
 * 1.14.1 fixes the vulnerability issue. Thanks for your patience!
 *  [maxidavis](https://wordpress.org/support/users/maxidavis/)
 * (@maxidavis)
 * [2 years, 8 months ago](https://wordpress.org/support/topic/plugin-vulnerability-12/#post-16947747)
 * lol, after checking it every day for 3 months, I deleted it just yesterday because
   it was completely deleted from the repository.

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Plugin Vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/worth-the-read/assets/icon-128x128.png?rev=1482821)
 * [Worth The Read](https://wordpress.org/plugins/worth-the-read/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/worth-the-read/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/worth-the-read/)
 * [Active Topics](https://wordpress.org/support/plugin/worth-the-read/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/worth-the-read/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/worth-the-read/reviews/)

 * 8 replies
 * 3 participants
 * Last reply from: [maxidavis](https://wordpress.org/support/users/maxidavis/)
 * Last activity: [2 years, 8 months ago](https://wordpress.org/support/topic/plugin-vulnerability-12/#post-16947747)
 * Status: resolved