Title: Oliver Sild's Replies | WordPress.org

---

# Oliver Sild

  [  ](https://wordpress.org/support/users/oliversild/)

 *   [Profile](https://wordpress.org/support/users/oliversild/)
 *   [Topics Started](https://wordpress.org/support/users/oliversild/topics/)
 *   [Replies Created](https://wordpress.org/support/users/oliversild/replies/)
 *   [Reviews Written](https://wordpress.org/support/users/oliversild/reviews/)
 *   [Topics Replied To](https://wordpress.org/support/users/oliversild/replied-to/)
 *   [Engagements](https://wordpress.org/support/users/oliversild/engagements/)
 *   [Favorites](https://wordpress.org/support/users/oliversild/favorites/)

 Search replies:

## Forum Replies Created

Viewing 3 replies - 1 through 3 (of 3 total)

 *   Forum: [Developing with WordPress](https://wordpress.org/support/forum/wp-advanced/)
   
   In reply to: [Vulnerability in WordPress 6.6.2](https://wordpress.org/support/topic/vulnerability-in-wordpress-6-6-2/)
 *  [Oliver Sild](https://wordpress.org/support/users/oliversild/)
 * (@oliversild)
 * [1 year, 5 months ago](https://wordpress.org/support/topic/vulnerability-in-wordpress-6-6-2/#post-18095153)
 * Oliver from Patchstack here. This vulnerability is a completely valid one and
   has a CVE assigned to it. [@audrasjb](https://wordpress.org/support/users/audrasjb/)
   is correct that it is a low severity issue and is unlikely to be mass-exploited.
   However, it has a significant impact on compliance. Many modern security policies
   may not actually allow to use WordPress until this gets fixed, because to stay
   compliant, they should not run software with unpatched CVEs. That being said,
   I hope core team will put attention to this issue rather sooner than later.
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[WooCommerce] Wordfence notified about WooCommerce 8.4 vulnerability, but 8.5 isn’t out yet.](https://wordpress.org/support/topic/wordfence-notified-about-woocommerce-8-4-vulnerability-but-8-5-isnt-out-yet/)
 *  [Oliver Sild](https://wordpress.org/support/users/oliversild/)
 * (@oliversild)
 * [2 years, 3 months ago](https://wordpress.org/support/topic/wordfence-notified-about-woocommerce-8-4-vulnerability-but-8-5-isnt-out-yet/#post-17340841)
 * It was a false-positive. This vulnerability was already fixed in 8.4.0 (about
   5 weeks ago). Correct details can be found here: [https://patchstack.com/database/vulnerability/woocommerce/wordpress-woocommerce-plugin-8-3-0-reflected-cross-site-scripting-vulnerability](https://patchstack.com/database/vulnerability/woocommerce/wordpress-woocommerce-plugin-8-3-0-reflected-cross-site-scripting-vulnerability)
 *   Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/)
    In
   reply to: [[WooCommerce] Patch for new vulnerability?](https://wordpress.org/support/topic/patch-for-new-vulnerability/)
 *  [Oliver Sild](https://wordpress.org/support/users/oliversild/)
 * (@oliversild)
 * [2 years, 3 months ago](https://wordpress.org/support/topic/patch-for-new-vulnerability/#post-17340798)
 * It’s a false-positive. This vulnerability was already fixed in 8.4.0 (5 weeks
   ago). 8.4.0 is not vulnerable.

Viewing 3 replies - 1 through 3 (of 3 total)