jQuery Version Update Required for Security Patch

  • Resolved Muhammad Usman Iqbal

    (@seusmaniqbal)


    10 months, 2 weeks ago

    Hi,

    In your plugin, you are currently using an outdated version of jQuery (v3.4.1). Please upgrade to at least v3.5.0 as soon as possible. This update addresses a known security vulnerability, and a patch has been made available in the newer version.

    Vulnerability Reference:
    CVE-2020-11022 – Cross-Site Scripting in jQuery 3.4.1

    File Path Affected:
    file-manager-advanced/application/svg-sanitizer/includes/phpunit/php-code-coverage/src/Report/Html/Renderer/Template/js/jquery.min.js

    Please update the library to ensure continued security and compliance.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support M Aqib Khan

    (@aqibkhan9)

    10 months, 2 weeks ago

    Hello @seusmaniqbal,

    We hope this message finds you well.

    Thank you for reaching out to our Support team.

    We’d like to clarify that our plugin’s jQuery implementation fully complies with WordPress standards. Additionally, we are active members of both Wordfence and Patchstack, and we take security matters very seriously.

    That said, we greatly value your vigilance. If you could kindly guide us in the right direction by sharing where these vulnerabilities were reported, it would help us investigate the matter more thoroughly.

    We remain committed to maintaining a secure product and addressing any concerns promptly and transparently.

    Warm regards,
    Support Team – WP Experts

    Thread Starter Muhammad Usman Iqbal

    (@seusmaniqbal)

    10 months, 2 weeks ago

    Hi @aqibkhan9

    Here is the refference:

    https://nvd.nist.gov/vuln/detail/CVE-2020-11022

    Thank you,

    Plugin Support M Aqib Khan

    (@aqibkhan9)

    10 months, 1 week ago

    Hey @seusmaniqbal

    I appreciate your cooperation & patience as we worked towards resolving the issue.

    I am pleased to inform you that we have fixed the jQuery version. You can download the beta. Kindly download and install the provided Beta version after deactivating the current plugin, at your earliest convenience, and let me know how it performs on your end.

    Download Now

    Your feedback is highly valuable and will help us ensure a smoother experience moving forward.

    Looking forward to hearing from you.

    Warm regards,
    Support Team – WP Experts

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘jQuery Version Update Required for Security Patch’ is closed to new replies.