Hi @kgagne,
We’ve informed the development team and they’re looking into it, though we don’t currently have a timeline on the fix. We’ll be sure to keep everyone updated.
Thank you for the update!
And sorry for misspelling the acronym in the title 🤦🏼♂️
Hello, everyone.
Sorry for the delayed reply. We’ve been in touch with Patchstack regarding this and we rolled out an update (11.12.7) that should have addressed these issues. Please reach out if anything else arises.
Thanks, Dave!
Alas, I’m getting a Patchstack report that the SSRF vulnerability is still present in 11.12.7.
I see 11.12.8 came out today, but the changelog doesn’t mention security updates. 🤔
No because everything was indeed fixed in earlier versions. It just took the patchstack folks a while to confirm the fix.
Hello, I also got a warning about a security vulnerability with Powerpress 11.12.8 and the message from JetPack was to upgrade to Powerpress version 11.12.16. @daveclements will this version be available in WP downloads soon? Please advise. Thanks.
