Old Plugin Version Security Vulnerability
|Closed||30602||Normal||Content Timeline WP|
We have a site on WP Engine that is using the Content Timeline plugin. We had to customize the plugin to suit some of our needs so we haven’t updated it since we would lose our changes.
We were notified by WP Engine that they identified a security vulnerability in the plugin which you have since fixed and released a new version.
We are using plugin version 2.3.5. Do you know if the security vulnerability was present in that version of the plugin?
I am trying to decide how to approach the issue. If the security vulnerability didn’t exist yet then I will leave the modified plugin as is.
If the security vulnerability did exist would you be able to provide the fix so I can apply it to plugin version 2.3.5 or provide me with plugin version 4.4.2 so I can see what changed when you fixed the vulnerability in 4.4.3?