XSS Vulnerability
https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_tribulant_slideshow_galleries_wordpress_plugin.html indicates there is XSS vulnerability in some Slideshow Gallery versions on wordpress plugins. I ran gravityscan and it shows this problem is in releases 1.6.5 and older.
The release I have on my site from wordpress plugins is 1.5.3.4, and it shows as current.
Will the free plugin be updated to remove the vulnerability?
The release I have on my site from wordpress plugins is 1.5.3.4, and it shows as current.
Will the free plugin be updated to remove the vulnerability?
Comments
The security concern you are mentioning was resolved a while back.
You can get the latest version here: https://wordpress.org/plugins/slideshow-gallery/
Shouldn't this be indicated on the plugins page that there is a new release? That is how all the other plugins work.
But when I deactivated, then I was told there is a new version and given the opportunity to upgrade.
I think this is a bug, no? I think I should be told about the new version when the plugin is active.