v6.3.0 has a severe security vulnerability | WordPress.org

Resolved Erik Geurts
(@erikgeurtsplatformiqcom)

1 year, 5 months ago

CVE-2024-54289 has been opened regarding this plugin, see https://patchstack.com/database/wordpress/plugin/awesome-support/vulnerability/wordpress-awesome-support-plugin-6-3-0-broken-access-control-vulnerability?_a_id=431

We need this patched as soon as possible!

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author Jawada
(@jawada)

1 year, 4 months ago

Hi @erikgeurtsplatformiqcom

Thank you for bringing this to our attention. This is a known issue, and our team is actively working on it. The next version release will include a fix.

If you have any further questions, please don’t hesitate to reach out.

Best Regards

Thread Starter Erik Geurts
(@erikgeurtsplatformiqcom)

1 year, 4 months ago

This matter has been known to you and everybody else for over a month now, so “actively working on it” is a gotspe. The fix you’re referring to should have been released before the vulnerability was disclosed.

Also, it seems you have marked this topic as “resolved”, which is absolutely incorrect.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘v6.3.0 has a severe security vulnerability’ is closed to new replies.

3 replies
2 participants
Last reply from: Erik Geurts
Last activity: 1 year, 4 months ago
Status: resolved