The vulnerability was found in the full version of wpDataTables v3.4.1,
so all premium versions before that can be affected.
The Lite version does not have these functionalities (such as SQL based tables),
so Lite version was never affected.
Those reports are not related to the Lite version, but they can be reported in the lite version because the resources where this information about themes or plugins vulnerabilities are stored are generated by the theme or the plugin slug.
Those slugs are the same in both lite and the full version, and because of that, you get those notifications.
The important thing is that there’s nothing to worry about.
Newer versions of the wpDataTable premium don’t have these issues, ( the latest one is 5.7.1)
and Lite versions never did.
Unfortunately, until wpDataTables Lite goes above version 3.4.2 these reports will indicate a false positive. The lite and the full version have the same slug (wpdatatables), and that’s why the security plugins can’t differentiate between the versions.
I hope this helps, do let us know if you need any further information.
and i just forgot to add, in regards to our Premium Plugin,
if you wish, you can try wpDataTables before purchasing
on our sandbox Demo sites ( you can find links for the main plugin Demo,
as well as add-on Demos, in my signature),
and there is a 15-day money-back guarantee period,
so if you purchase the plugin, you can safely fully test it out, and if it doesn't fit your needs you can request and receive a refund in that period. ( same goes for all plugins and add-ons)
Hello,
I am testing your plugin, and it seems awesome but there is a major injection vulnerability. I read through some threads where you address it for the commercial version going back two years, but vulnerability is still reported here: https://patchstack.com/database/vulnerability/wpdatatables/wordpress-wpdatatables-plugin-3-4-1-multiple-sql-injection-sqli-vulnerabilities?_a_id=350
Any update?
Thank you
Hi Ally,
The vulnerability was found in the full version of wpDataTables v3.4.1,
so all premium versions before that can be affected.
The Lite version does not have these functionalities (such as SQL based tables),
so Lite version was never affected.
Those reports are not related to the Lite version, but they can be reported in the lite version because the resources where this information about themes or plugins vulnerabilities are stored are generated by the theme or the plugin slug.
Those slugs are the same in both lite and the full version, and because of that, you get those notifications.
The important thing is that there’s nothing to worry about.
Newer versions of the wpDataTable premium don’t have these issues, ( the latest one is 5.7.1)
and Lite versions never did.
Unfortunately, until wpDataTables Lite goes above version 3.4.2 these reports will indicate a false positive. The lite and the full version have the same slug (wpdatatables), and that’s why the security plugins can’t differentiate between the versions.
I hope this helps, do let us know if you need any further information.
Kind Regards,
Miloš Jovanović
[email protected]
Rate my support
Try our FREE mapping plugin! MapSVG - easy Google maps, interactive SVG maps and floor plans, choropleth maps and much more - https://wordpress.org/plugins/mapsvg-lite-interactive-vector-maps/
wpDataTables: FAQ | Facebook | Twitter | Instagram | Front-end and back-end demo | Docs
Amelia: FAQ | Facebook | Twitter | Instagram | Amelia demo sites | Docs | Discord Community
You can try wpDataTables add-ons before purchasing on these sandbox sites:
Powerful Filters | Gravity Forms Integration for wpDataTables | Formidable Forms Integration for wpDataTables | Master-Detail Tables
Hi Ally,
and i just forgot to add, in regards to our Premium Plugin,
if you wish, you can try wpDataTables before purchasing
on our sandbox Demo sites ( you can find links for the main plugin Demo,
as well as add-on Demos, in my signature),
and there is a 15-day money-back guarantee period,
so if you purchase the plugin, you can safely fully test it out, and if it doesn't fit your needs you can request and receive a refund in that period. ( same goes for all plugins and add-ons)
Let me know if you have any additional questions.
Kind Regards,
Miloš Jovanović
[email protected]
Rate my support
Try our FREE mapping plugin! MapSVG - easy Google maps, interactive SVG maps and floor plans, choropleth maps and much more - https://wordpress.org/plugins/mapsvg-lite-interactive-vector-maps/
wpDataTables: FAQ | Facebook | Twitter | Instagram | Front-end and back-end demo | Docs
Amelia: FAQ | Facebook | Twitter | Instagram | Amelia demo sites | Docs | Discord Community
You can try wpDataTables add-ons before purchasing on these sandbox sites:
Powerful Filters | Gravity Forms Integration for wpDataTables | Formidable Forms Integration for wpDataTables | Master-Detail Tables