plugin vulnerability | WordPress.org

Resolved imokweb
(@imokweb)

2 weeks, 4 days ago

Hi there

I’m Using managewp to monitor sites and The directorist plugin came up as vulnerable

https://patchstack.com/database/wordpress/plugin/directorist/vulnerability/wordpress-directorist-plugin-8-5-6-broken-access-control-vulnerability

https://patchstack.com/database/wordpress/plugin/directorist/vulnerability/wordpress-directorist-plugin-8-5-6-open-redirection-vulnerability

Can you take a look at it and fix it?

thanks

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Support Al-Amin Khan
(@alamin56649)

2 weeks, 4 days ago

Hi @imokweb,

Thank you for reporting this.

These vulnerabilities have already been fixed and patched in the latest version of the plugin. The Patchstack listing may still show the issue because it can take some time for their team to review and update the status after a patch is released.

Please make sure you update Directorist to the latest version to ensure your site remains secure.

If you have any questions or notice anything unusual after updating, feel free to let us know.

Thread Starter imokweb
(@imokweb)

2 weeks, 2 days ago

hi @alamin56649

Just in case there is something more left there, they have changed the title to for the posts and they say that WordPress Directorist Plugin <= 8.6.3 is vulnerable to a medium priority Broken Access Control, WordPress Directorist Plugin <= 8.6.3 is vulnerable to Open Redirection

thanks

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

3 replies
2 participants
Last reply from: imokweb
Last activity: 2 weeks, 2 days ago
Status: resolved