WordFence Identifies this Plugin as Vulnerable to Cross-Site Scripting

Advanced iframe pro

2 Posts

2 Users

0 Reactions

497 Views

RSS

Posts: 1

agencynetwork

Topic starter

Oct 05, 2022 11:45 pm

(@agencynetwork)

New Member

Joined: 2 years ago

WordFence is saying this plugin needs to be patched for cross-site scripting vulnerability. Does anyone have a solution?

Plugin Name: Advanced iFrame Pro
Current Plugin Version: 2022.5
Details: To protect your site from this vulnerability, the safest option is to deactivate and completely remove “Advanced iFrame Pro” until a patched version is available. Get more information.(opens in new tab)
Repository URL: https://wordpress.org/plugins/advanced-iframe(opens in new tab)
Vulnerability Information: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24953(opens in new tab)

1 Reply

Posts: 923

TinyWebGallery

Admin

Oct 06, 2022 8:14 am

(@admin)

Prominent Member

Joined: 16 years ago

Hi,

Please see the description. This is valid for versions before 2022! Right now this we are at 2022.5.

There this is also listed.

So if you have an older version then 2022 please simply update.

Best regards,

Michael

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed