Englicist
asked 4 months ago

There is a reported vulnerability in the plugin. https://patchstack.com/database/vulnerability/dw-question-answer/wordpress-dw-question-answer-plugin-1-5-7-cross-site-request-forgery-csrf-vulnerability
Moreover, it’s getting obsolete with each php update and WordPress core update. Do you have a plan to update the plugin?

1 Answers
DominicStaff
answered 4 months ago

Yes, I sent and notification to our technical team about this issue, we will check and update the Free version.

dbourrion
replied 4 months ago

Hi.
What about the Pro version ?

Dominic Staff
replied 4 months ago

With the pro version, we have fixed these issues, we have tested and you can watch the following video.

https://www.dropbox.com/home?preview=Test-CSRF-Comment-form.mp4
https://www.dropbox.com/home?preview=Arbitrary-Comment-Edition-via-IDOR.mp4

Powered by DW Question & Answer Pro