Information Disclosure Vulnerability in Link Whisper Free
Recently Patchstack very vaguely claimed that there is an unfixed vulnerability in the WordPress plugin Link Whisper Free. We really mean very vaguely, as the only information provided about the claimed vulnerability is that involves a “broken access control” and it doesn’t require authentication. They claimed that they received no reply from the author about the issue.
...
This post provides insights on a vulnerability in a WordPress plugin not discovered by us, where the discoverer hadn't provided the details needed for us to confirm the vulnerability while we were adding it to the data set for our service, so the rest of its contents are limited to subscribers of our service.
If you were using our service, you would have already been warned about this vulnerability if your website is vulnerable due to it. You can try out our service for free and then see the rest of the details of the vulnerability.
For existing customers, please log in to your account to view the contents of the post.
Plugin Security Scorecard Grade for Link Whisper Free
Checked on August 21, 2024F
AS we have more than 10 websites that have fallen prey to this vulnerability, we ask in what way we were notified?
You should start using our service, as you would be notified through the notification methods we offer if you are using known vulnerable plugins.