Support » Plugin: Defender Security - Malware Scanner, Login Security & Firewall » Vulnerability when scanned using OWASP tools

  • Resolved coolertanto

    (@coolertanto)


    Hi,

    I am using security defender for one of my client. Their IT requested us to test the plugins we used using OWASP tools from here

    https://owasp.org/www-project-dependency-check/

    Scroll to the bottom and look for ‘Command Line’. Click on the link to download OWASP Dependency Check. It will download a ZIP file to the Downloads folder.
    1. Start the command line window
    2. cd to project’s folder e.g. cd \Documents\Projects\YourProject\
    3. Run OWASP Dependency check:

    C:\Users\ctmo-user\Documents\Projects\YourProject> C:\Users\ctmo-user\Downloads\dependency-check-6.1.5-release\dependency-check\dependency-check.bat -s .

    Using latest plugin version 2.4.10 there are 2 issues found:
    vue.runtime.js(v2.6.10) and vue.runtime.min.js (v2.6.10) with medium severity level.

    I am aware that vue is not handled by you & team, but since it’s used by the plugin may I know if there’s any plan to upgrade vue version?

    • This topic was modified 5 months ago by coolertanto. Reason: Adding in more information
Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support Kris – WPMU DEV Support

    (@wpmudevsupport13)

    Hi @coolertanto

    I hope you are doing good today.

    I pinged our Defender Team to review your query. We will post an update here as soon as more information is available.

    Kind Regards,
    Kris

    Plugin Support Kris – WPMU DEV Support

    (@wpmudevsupport13)

    Hi again @coolertanto

    I consulted this with our Defender Team and we already created a task for this to improve this in Defender. Thank you for your feedback.

    Kind Regards,
    Kris

    Thread Starter coolertanto

    (@coolertanto)

    Hi @wpmudevsupport13

    Thanks you for looking at this issue.

    I am looking forward for the new version update for the plugin

    Thank you

    • This reply was modified 5 months ago by coolertanto. Reason: reword
    Plugin Support Patrick – WPMU DEV Support

    (@wpmudevsupport12)

    Hi @coolertanto

    I hope you are doing well.

    We reported this to our developers and we will be working to improve it, I am marking this thread as resolved for now.

    Feel free to ping us any time you need and please keep the plugin updates and the eyes on changelogs.

    Best Regards
    Patrick Freitas

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.