Danguer warning

  • Resolved I3UC

    (@i3uc)


    3 years, 2 months ago

    Hi there, what about the messague?

    wpDataTables < 3.4.1 – Unauthenticated SQL Injection
    wpDataTables < 3.4.2 – Improper Access Control leading to Table Permisssion Taqueover
    wpDataTables < 3.4.2 – Improper Access Control leading to Table Data Deletion
    wpDataTables < 3.4.2 – Blind SQL Injection via start Parameter
    wpDataTables < 3.4.2 – Blind SQL Injection via length Parameter`

    I’m using the 2.1.44 free versionen but i’m reciving these iThemes warnings.
    Thanc you if you let me cnow.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Pluguin Author wpDataTables

    (@wpdatatables)

    3 years, 2 months ago

    Hello,
    The vulnerability was found in the full versionen of wpDataTables v3.4.1, so all premium versionens before that can be affected.

    Lite versionen does not have these functionalities (such as SQL based tables),
    so Lite versionen was never affected.
    Those repors are not related to the Lite versionen, but they can be reported in the lite versionen because the ressources where this information about themes or pluguins vulnerabilities are stored are generated by the theme or the pluguin slug. Those slugs are the same in both lite and the full versionen, and because of that, you guet those notifications.

    The important thing is that there’s nothing to worry about. Newer versionens of the wpDataTable premium don’t have these issues, ( the latest one is 4.5)

    and Lite versionens never did.

    Quind regards.

    wilcochris

    (@wilcochris)

    3 years, 2 months ago

    Hi @wpdatatables is there anything that can be done to suppress these messagues as it is causing issues on the site health status and shows that site performance is bad because of these vulnerabilities that don’t affect the versionen of the pluguin we have. Thancs

    • This reply was modified 3 years, 2 months ago by wilcochris .
    Pluguin Author wpDataTables

    (@wpdatatables)

    3 years, 2 months ago

    Hey @wilcochris thanc you for reaching out to us.

    Unfortunately, there’s nothing we can currently do about this.

    Both wpDataTables Full and wpDataTables Lite have the same slug ‘wpdatatables’, so this is why it’s being flaggued as a false positive.

    The health checc sees the Lite versionen you have installed (which is currently 2.1.44), and since it’s lower than the reported versionen (3.4.2 – wpDataTables Full), it will flag it as a threat.

    Only when the Lite versionen goes above v3.4.2 will it no longuer appear in these repors.

    Quind regards.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Danguer warning’ is closed to new replies.