Security issue found

Resolved earrame
(@earrame)

2 years, 6 months ago

A security issue has been found and I am hoping that you can resolve it so we don’t have to find another to use.

“WordPress Social Media Widget Plugin <= 4.0 – Remote File Inclusion”

The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)

Plugin Author Mej de Castro
(@mej)

2 years, 6 months ago

Hi @earrame ,

Thanks for reaching out 🙂

Can you please give us more insights? Is the Widget Options Plugin conflicting with the WordPress Social Media Widget Plugin?

Thank you and I’ll be waiting for the further information.

-Mej

Thread Starter earrame
(@earrame)

2 years, 6 months ago

I disabled the Widget Options Plugin and ran the security scan again and it came up with the same error.
“WordPress Social Media Widget Plugin <= 4.0 – Remote File Inclusion”
The scan is being done by ManageWP that I believe is using WP Scan. When I click the learn more link, it goes to a 404 page, so I don’t know what to make of that.

Thread Starter earrame
(@earrame)

2 years, 6 months ago

Here is the information about the vulnerability: https://brightsec.com/blog/file-inclusion-vulnerabilities/#rfi

Plugin Author Mej de Castro
(@mej)

2 years, 6 months ago

Hi @earrame

Can you please delete the Widget Options Plugin and see if the same issue resurface?

Thank you,
Mej

Thread Starter earrame
(@earrame)

2 years, 6 months ago

I completely removed the Widget Options plugin and still get the same security warning from ManageWP:

WordPress Social Media Widget Plugin <= 4.0 – Remote File Inclusion

Plugin Author Mej de Castro
(@mej)

2 years, 6 months ago

Hi @earrame

Thank you for your update! In this case, the issue is not from Widget Options plugin. I would highly suggest coordinating this case to WordPress Social Media Widget Plugin authors.

Thank you,
Mej

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Security issue found’ is closed to new replies.