There is a reported vulnerability in the plugin. https://patchstack.com/database/vulnerability/dw-question-answer/wordpress-dw-question-answer-plugin-1-5-7-cross-site-request-forgery-csrf-vulnerability
Moreover, it’s getting obsolete with each php update and WordPress core update. Do you have a plan to update the plugin?
Yes, I sent and notification to our technical team about this issue, we will check and update the Free version.
Hi.
What about the Pro version ?
With the pro version, we have fixed these issues, we have tested and you can watch the following video.
https://www.dropbox.com/home?preview=Test-CSRF-Comment-form.mp4
https://www.dropbox.com/home?preview=Arbitrary-Comment-Edition-via-IDOR.mp4
Please login or Register to submit your answer