Support » Plugin: WP Cerber Security, Anti-spam & Malware Scan » Unpatched security vulnerability.

  • Resolved jvargas

    (@jvargas)


    Hi. Do I have to uninstall WP Cerber? It looks that your plugin “…contains an unpatched security vulnerability”. Received a message from Worfence telling me that..

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Author Gregory

    (@gioni)

    Hi! There is no unpatched vulnerabilities in the WP Cerber. Please ask the Wordfence team for detailed clarifications regarding that unverified claim.

    Stephen Green

    (@greensitedesign)

    Any update on this?
    Currently WP Cerber has been dropped from the WordPress Plugins listings, what’s the story guys?

    Plugin Author Gregory

    (@gioni)

    Please wait a while for a forum moderator to release my response in this topic. (in short, everything is OK).

    @greensitedesign

    Stephen Green

    (@greensitedesign)

    Hi Gregory,

    I guess that’s one for you to take up with WordFence, as currently users that employ both plugins are receiving the following flag from WordFence (Note: It doesn’t actually remove your plugin either)…

    The Plugin "WP Cerber Security, Anti-spam & Malware Scan" has been removed from wordpress.org.
    Type: Plugin Removed
    Issue Found August 21, 2022 3:32 am
    Critical
    IGNORE
    DETAILS
    Plugin Name: WP Cerber Security, Anti-spam & Malware Scan
    Current Plugin Version: 9.0
    Details: It has unpatched security issues and may have compatibility problems with the current version of WordPress. Get more information.
    • This reply was modified 3 months, 1 week ago by Stephen Green. Reason: Mispelling
    Plugin Author Gregory

    (@gioni)

    I would prefer that some “security experts” (not WordFence) do their jobs more responsibly. I saw a report regarding a WP Cerber bug that is claimed as a vulnerability but it’s not a vulnerability per se. It’s a built-in WordPress feature. I really appreciate and thankful to people reporting bugs and other issues, but this time it’s not what it’s claimed. WP Cerber users, as always, can sleep calmly.

    P.S. The reported bug has been fixed in WP Cerber 9.1.

    @greensitedesign

    @gioni Any updates on this? When can we expect for plugin to become available from the WordPress repo?

    Thanks

    Plugin Author Gregory

    (@gioni)

    @beeroslav Please enable “Send notification when a new version of WP Cerber is available” on the “Notifications” tab.

    Kuba Mikita

    (@kubitomakita)

    @gioni do you have the CVE number? Why would it be taken down?

    The last one I could find is from March 2022

    Plugin Author Gregory

    (@gioni)

    do you have the CVE number?

    I do not.

    Why would it be taken down?

    A new, internal plugin inspection guideline for moderators has recently been enforced. Some plugins require to be refactored due to new limitations and policies.

    @kubitomakita

    liamsmartnumbers

    (@liamsmartnumbers)

    @gioni Thank you for providing some clarification. However, one does question why WP CERBER was not prepared for the new guideline? We’re you aware of this guideline?

    Gracias @gioni por estar contestando las preguntas y generar tranquilidad. Un saludo

Viewing 11 replies - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.