Closed rahulsprajapati closed 2 years ago
We have recently added introduced_in field in https://github.com/10up/wpcli-vulnerability-scanner/pull/50 to show more accurately identify vulnerable versions in report. In this we got one edge case where if we have introduced_in field and site already using fixed vulnerability version of plugin/theme it was still flagging it as vulnerable version. As reported in https://github.com/10up/wpcli-vulnerability-scanner/issues/59
introduced_in
All use cases of vulnerability check covered:
Vulnerability report for sassy-social-share plugin introduced in 3.3.23 and fixed in 3.3.24.
sassy-social-share
3.3.22
3.3.23
3.3.33
Fixes: https://github.com/10up/wpcli-vulnerability-scanner/issues/59
Changed:
wp vuln plugin-status
Description of the Change
We have recently added
introduced_in
field in https://github.com/10up/wpcli-vulnerability-scanner/pull/50 to show more accurately identify vulnerable versions in report. In this we got one edge case where if we haveintroduced_in
field and site already using fixed vulnerability version of plugin/theme it was still flagging it as vulnerable version. As reported in https://github.com/10up/wpcli-vulnerability-scanner/issues/59Alternate Designs
Benefits
All use cases of vulnerability check covered:
Possible Drawbacks
Verification Process
Vulnerability report for
sassy-social-share
plugin introduced in 3.3.23 and fixed in 3.3.24.3.3.22
3.3.23
3.3.33
Checklist:
Applicable Issues
Fixes: https://github.com/10up/wpcli-vulnerability-scanner/issues/59
Changelog Entry
Changed:
wp vuln plugin-status
withintroduced_in
field.