Hi, can you update the plugin to the latest version 1.5.2? Let me know if you still receive the same vulnerability?
Thank you.
I updated to 1.5.2, but in the 1.5.2 changelog you do not wrote any vulnerability fix 🙁
And I don’t know how WP toolkit works, so I don’t know how can I force WP toolkit to check it again 🙁
Do you?
Maybe it only checks once a month automatically or they send it manually after manual cheks, don’t know 🙁
So you too do not know what was WP toolkit discovered exactly? 🙁
WP toolkit is surely not in my wordpress (so it is not a wordpress plugin of mine), and it seems to be a cPanel extension from my host, because it surely have been sent from my hosts email with cpanel logo. This is why I am not familiar with it 🙂
Hi, I checked our plugin using the following URL and there is no vulnerability reported on our plugin.
https://plugintests.com/
Kind regards.
Yes, for the latest version I found out that WP toolkit also writes that it is ok.
And https://patchstack.com/database/vulnerability/easy-wp-smtp/wordpress-easy-wp-smtp-plugin-1-5-1-auth-remote-code-execution-rce-vulnerability?_a_id=110
wrote: “This vulnerability has been fixed in version 1.5.2. ” 🙂
Thanks!
That is great to know 🙂 I am marking this thread as resolved.
Thank you.
ok 🙂
Maybe the vulneraility was in the export-import function what you have removed in 1.5.2.