Sucuri Reporting That This App As Vulnerable

  • Resolved Stef

    (@serafinnyc)


    4 months, 3 weeks ago

    Just in case you didn’t know Sucuri is reporting the app as being vulnerable. Due to xss. I see you updated the app 7 days ago. When I looked 3 days ago I could have sworn I saw the app abandoned. Can you confirm that you’re still developing the app please? Thank you.

    https://loom.com/i/a3e081127b694cefa1eb6cb868d5be26

    Let us know when you’ve addressed the XSS issue so we can also update Sucuri.

Viewing 12 replies - 1 through 12 (of 12 total)
  • Thread Starter Stef

    (@serafinnyc)

    4 months, 3 weeks ago

    What’s the point of having an app in the repo if you’re not going to respond to customer’s queries?

    Plugin Author Get Bowtied

    (@getbowtied)

    4 months, 3 weeks ago

    The plugin was updated and reviewed by the WordPress team. All possible vulnerabilities were removed. The initial vulnerability reported by Sucuri was also not a real threat.

    Thread Starter Stef

    (@serafinnyc)

    4 months, 3 weeks ago

    I was part of the WP team when we first created WP. That’s not how it works. This is a new issue that was reported on the day I wrote this thread. It’s not like I like to spend my time hounding authors. I have better things to do with my time. It is relevant and it doesn’t matter that you consider it a non threat. The issue is that it’s being documented as a threat. If you’d like to discuss it with us and the Sucuri team let me know and I can set that up.

    Plugin Author Get Bowtied

    (@getbowtied)

    4 months, 3 weeks ago

    This issue is now fixed, and the case is closed. There’s nothing further to discuss on this matter.

    Thread Starter Stef

    (@serafinnyc)

    4 months, 3 weeks ago

    Its not fixed. That’s why it’s being reported to you. If you don’t believe me contact Sucuri yourself. If you’re going to mean to the people who buy your products and write them off then we’ll have you removed from the repo.

    Plugin Author Get Bowtied

    (@getbowtied)

    4 months, 3 weeks ago

    Thank you. We are in direct communication with the WordPress team and Sucuri. We appreciate your good intentions.

    Thread Starter Stef

    (@serafinnyc)

    4 months, 3 weeks ago

    We’ll check with them tomorrow to see if you indeed did.

    Plugin Author Get Bowtied

    (@getbowtied)

    4 months, 3 weeks ago

    A Man Gotta Do What A Man Gotta Do.

    Thread Starter Stef

    (@serafinnyc)

    4 months, 3 weeks ago

    Are you 5? Thanks for your professionalism.

    Plugin Author Get Bowtied

    (@getbowtied)

    4 months, 3 weeks ago

    Your satisfaction is of utmost importance to us. I am committed to providing the highest level of service and support. Should there be any specific aspect of our interaction that has not met your expectations, please do not hesitate to inform me. I am here to assist and ensure that all your concerns are addressed comprehensively. Your feedback is invaluable in helping us maintain and improve our standards of service.

    Plugin Author Get Bowtied

    (@getbowtied)

    4 months, 3 weeks ago

    Better?

    Thread Starter Stef

    (@serafinnyc)

    4 months, 3 weeks ago

    If you weren’t a smug sarcastic person that wasn’t using AI sure. But since you want to be ignorant of user’s safety then that’s fine.

Viewing 12 replies - 1 through 12 (of 12 total)
  • You must be logged in to reply to this topic.