PHP Object Injection vulnerability found in this plugin | WordPress.org

carloscastilloadhoc
(@carloscastilloadhoc)

5 months, 3 weeks ago

https://patchstack.com/database/wordpress/plugin/wp-gravity-forms-spreadsheets/vulnerability/wordpress-connector-for-gravity-forms-and-google-sheets-plugin-1-2-5-php-object-injection-vulnerability

Can we expect a fix soon? Thank you.

Viewing 2 replies - 1 through 2 (of 2 total)

nathaningram
(@nathaningram)

5 months, 3 weeks ago

It looks like this vulnerability was reported 2 months ago (August 8). It’s concerning that the developer has not responded to this issue since they have likely been aware of it for some time now and it is a 9.8/10 risk. Thankfully, it is mitigated by Patchstack.

CRM Perks Support
(@crmperkshelp)

5 months, 3 weeks ago

this report is 100% wrong ,we have fixed it about 2 months ago , but patchstack did bother to verify it

can you please confirm this to patchstack

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

3 replies
3 participants
Last reply from: CRM Perks Support
Last activity: 5 months, 3 weeks ago
Status: not resolved