Warning about unused plugin

  • Moderator threadi

    (@threadi)


    5 months, 1 week ago

    Hi,

    I really enjoy using your plugin in many projects. However, today I noticed a false positive for the first time in a completely new project (fresh install with only some plugins). After a site scan with Solid Security, I received the following warning:

    WordPress WP Reset PRO Premium Plugin <= 5.98 – Authenticated Database Reset vulnerability

    The plugin mentioned is not installed at all. I only have the free version, “WP Reset”. I have never had or used their premium version.

    Further down, the solution is listed as:

    Update the WP Reset plugin to the latest available version (at least 5.99).

    If you take a look at the free plugin, you’ll see that it’s currently at version 2.06 – a long way from 5.

    This is incorrect information, correct? It would be great if you could take a look at it.

    And yes, you can hide the warning, which is what I’m going to do now. But it’s a message that refers to a plugin that I don’t even use.

Viewing 1 replies (of 1 total)
  • Plugin Support Brent Wilson

    (@bwbama)

    5 months, 1 week ago

    Hello,

    Glad you reached out about this!

    The possibility of false positives is something we are aware of and are looking at ways to better mitigate this going forward. As you mentioned, we do allow you to “mute” the warning, which is the current workaround that we suggest until refinements can be done to better handle potential false positives going forward.

    Thanks so much for letting us know about this one, and I will do some further testing to see what I can hand off to our development team in order to improve our site scan in a future update!

Viewing 1 replies (of 1 total)

You must be logged in to reply to this topic.