Title: ashes00's Replies | WordPress.org --- # ashes00 [ ](https://wordpress.org/support/users/ashes00/) * [Profile](https://wordpress.org/support/users/ashes00/) * [Topics Started](https://wordpress.org/support/users/ashes00/topics/) * [Replies Created](https://wordpress.org/support/users/ashes00/replies/) * [Reviews Written](https://wordpress.org/support/users/ashes00/reviews/) * [Topics Replied To](https://wordpress.org/support/users/ashes00/replied-to/) * [Engagements](https://wordpress.org/support/users/ashes00/engagements/) * [Favorites](https://wordpress.org/support/users/ashes00/favorites/) Search replies: ## Forum Replies Created Viewing 15 replies - 1 through 15 (of 23 total) 1 [2](https://wordpress.org/support/users/ashes00/replies/page/2/?output_format=md) [→](https://wordpress.org/support/users/ashes00/replies/page/2/?output_format=md) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] v3.15.4 has a vulnerability](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year ago](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/#post-18444013) * Author David looks to by busy coding with AI [https://www.linkedin.com/feed/update/urn:li:activity:7318691441113772033/](https://www.linkedin.com/feed/update/urn:li:activity:7318691441113772033/) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] v3.15.4 has a vulnerability](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year ago](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/#post-18443979) * WOW! Yes thats HUGE red flag. Anyone still using this plugin should run, not walk, and purge this plugin from their WP installations immediately. It sounds like the author’s systems have been compromised. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] v3.15.4 has a vulnerability](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year ago](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/#post-18443565) * And just like that; All WP sites under out control have been moved over to a better replacement below. * [https://wordpress.org/plugins/wp-sitemap-page/](https://wordpress.org/plugins/wp-sitemap-page/) * I can not believe that some people pay for a pro license, and this is how they are treated. Best of luck author! * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] v3.15.4 has a vulnerability](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year ago](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/#post-18440245) * I’ve reached out to the author, and no response. Tomorrow we will be moving away to a simpler, and in my opinion a better site map solution. Check out the plugin below. Its still being maintained with over 300K installations, and offer just a basic HTML site-map. If you need XML site-map then its not for you. * [https://wordpress.org/plugins/wp-sitemap-page](https://wordpress.org/plugins/wp-sitemap-page) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] v3.15.4 has a vulnerability](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year ago](https://wordpress.org/support/topic/v3-15-4-has-a-vulnerability/#post-18431661) * Additional Information since my last post must have been deleted! [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/simple-sitemap/simple-sitemap-create-a-responsive-html-sitemap-3514-missing-authorization](https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/simple-sitemap/simple-sitemap-create-a-responsive-html-sitemap-3514-missing-authorization) * We have been forced to deactivate this plugin on all of our customer’s sites. On 04/29 if there is no fix we will be forced to delete, and replace with a competing plugin that is secure. * Author PLEASE communicate with your users. Silence is the worst path here. Thank you * Ash, * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Mailgun for WordPress] Plugin Closed?](https://wordpress.org/support/topic/plugin-closed-39/) * Thread Starter [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year, 10 months ago](https://wordpress.org/support/topic/plugin-closed-39/#post-17884297) * Good to know the as the slug is never released. Hopefully that stays the policy! * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Mailgun for WordPress] Plugin Closed?](https://wordpress.org/support/topic/plugin-closed-39/) * Thread Starter [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year, 10 months ago](https://wordpress.org/support/topic/plugin-closed-39/#post-17884175) * Wordfence reports on closed Plugins as a means to alert of possibly abandoned plugins that can be hijacked by a 3rd party, and used for malicious purposes. This is an extremely useful security feature. Wordfence also reports when a plugin has a known CVE which is another extremely useful function. It would still be nice for the authors to provide some sort of calming communication. I’m hoping it was closed for a missed bounced email, and not something worse. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Mailgun for WordPress] Plugin Closed?](https://wordpress.org/support/topic/plugin-closed-39/) * Thread Starter [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [1 year, 10 months ago](https://wordpress.org/support/topic/plugin-closed-39/#post-17883444) * I’m giving them 48 hours from initial discovery to respond here or on X with something meaningful. If not, then we must assume the worst from an OpSec perspective. We will have to disable, and move the SMTP plugin functionality to Fluent-SMTP. Next will be moving to a new Transactional Email Provider such as Amazon SES, SendGrid, Postmark, etc. All of this could be avoided if MailGun would just communicate in a meaningful way to its users. Talk about shooting yourself in the foot. * [https://wordpress.org/plugins/fluent-smtp/](https://wordpress.org/plugins/fluent-smtp/) * [@mailgun](https://wordpress.org/support/users/mailgun/), [@sivel](https://wordpress.org/support/users/sivel/), [@lookaheadio](https://wordpress.org/support/users/lookaheadio/), [@alanfuller](https://wordpress.org/support/users/alanfuller/), [@m35dev](https://wordpress.org/support/users/m35dev/) any idea whats going on? * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] Wordfence reporting vulnerability in plugin!](https://wordpress.org/support/topic/wordfence-reporting-vulnerability-in-plugin/) * Thread Starter [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [2 years, 9 months ago](https://wordpress.org/support/topic/wordfence-reporting-vulnerability-in-plugin/page/2/#post-16924701) * I can confirm the upgrade works. I have enabled the plugin again. * [@dgwyer](https://wordpress.org/support/users/dgwyer/) thank you for patching this plugin. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] Wordfence Detecting Vulnerability](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [2 years, 9 months ago](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/page/2/#post-16924698) * I can confirm the upgrade works. I have enabled the plugin again. * [@dgwyer](https://wordpress.org/support/users/dgwyer/) thank you for patching this plugin. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] Wordfence reporting vulnerability in plugin!](https://wordpress.org/support/topic/wordfence-reporting-vulnerability-in-plugin/) * Thread Starter [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [2 years, 9 months ago](https://wordpress.org/support/topic/wordfence-reporting-vulnerability-in-plugin/page/2/#post-16924672) * Tried to update, and it failed. * WordPress error: Update failed: Download failed. Not Found * I’ll try again in a few mins. Maybe its a CDN propagation issue. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] Wordfence Detecting Vulnerability](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [2 years, 9 months ago](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/#post-16922474) * [@dgwyer](https://wordpress.org/support/users/dgwyer/) Looking forward to that new release. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] Wordfence reporting vulnerability in plugin!](https://wordpress.org/support/topic/wordfence-reporting-vulnerability-in-plugin/) * Thread Starter [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [2 years, 9 months ago](https://wordpress.org/support/topic/wordfence-reporting-vulnerability-in-plugin/#post-16919271) * [@dgwyer](https://wordpress.org/support/users/dgwyer/) thank you for commenting on the issue sir! * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] Wordfence Detecting Vulnerability](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [2 years, 9 months ago](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/#post-16918044) * All – I just sent the parent company WPGO a message on their contact page at [https://wpgoplugins.com/contact-us/](https://wpgoplugins.com/contact-us/) asking for a response. If we do not get any response soon we should pry consider this plugin as abandoned, and move forward with complete removal. If you are reading this it is highly advised to disable the plugin for security. If you can do without the plugin it advised to disable, and remove the plugin 100% until there is a fix/patch. I personally will be removing this plugin from all of my sites after 1 week of no response from the author. * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[Simple Sitemap - Create a Responsive HTML Sitemap] Wordfence Detecting Vulnerability](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/) * [ashes00](https://wordpress.org/support/users/ashes00/) * (@ashes00) * [2 years, 9 months ago](https://wordpress.org/support/topic/wordfence-detecting-vulnerability/#post-16912369) * Author – Can you please acknowledge this issue? Silence is never a good sign. Thanks Viewing 15 replies - 1 through 15 (of 23 total) 1 [2](https://wordpress.org/support/users/ashes00/replies/page/2/?output_format=md) [→](https://wordpress.org/support/users/ashes00/replies/page/2/?output_format=md)