2aragorn
commented
1 year ago @davidsword I wasn't sure how else to get in touch with you. This plugin has been flagged and locked down on WordPress because of potential script injection vulnerability. (https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/mobile-call-now-map-buttons/mobile-call-now-map-buttons-150-authenticated-administrator-stored-cross-site-scripting)
The company I work for uses this plugin on multiple websites and would like to continue using it. We were wondering if you still maintain it and if so would you mind patching this vulnerability? If you are not maintaining it or would prefer to pass that responsibility on to someone else we would be willing to adopt the WP plugin.
Our company website is https://www.inboundhorizons.com/ and we currently have 2 plugins publicly released on WordPress with more on the way. https://wordpress.org/plugins/search/Inbound+Horizons/.
Thank you.
Users would like a way to report a security vulnerability.
https://wordpress.org/plugins/mobile-call-now-map-buttons/