Skip to main content
cPanel Technical Support has been heavily impacted by hurricane Beryl and our ability to respond to tickets has been hindered as a result. We appreciate your understanding and patience as we address these delays.

Immediate Update Needed for WordPress Security (wrong version detection)

Comments

5 comments

  • ITHKBO

    I do not believe that these are actual Wordpress versions rather plugin versions.
    Just take a look at the Wordpress branch changelog information
    no release of Wordpress ever goes above *.9
    https://wordpress.org/download/releases/#branch-31

    And Wordpress 1.1 never existed we jumped straight from 1.0 to 1.2

    Do you perchance have Elementor or Elementor pro installed in those listed directories?
    https://raw.githubusercontent.com/elementor/elementor/main/changelog.txt
    Because the version numbering is awfully similar to them.

    1
  • Wallu

    Hi ITHKBO, yeah there are both Elementor and Pro on those sites.

    Edit: I checked the sites, and 3.17.3 is indeed Elementor. 1.114.0 seems to be Site Kit by Google. So you were right, not WP versions.

    Anyways, confusing message say the least, or at least not very informative.

    0
  • Daniel Mullen

    So is this the same message we've been getting in the past only made more urgent and formatted poorly?

    0
  • Wallu

    Yeah, I don't know if this is new or replacing some.

    I do know that I've been getting 2 reports:

    1. Labeled as "Site vulnerabilities found", which is generated by WP Toolkit. It has plugin info and versions in it, and also the Vulnerability info.

    2. Labeled as "Outdated or vulnerable software discovered", which (not sure) is Imunify related, and also has/had plugin and version info in it.

    Now, maybe the new one, "Immediate Action Required: Security Vulnerabilities Detected" has replaced the latter, and just has less info in it :) ...I don't know.

    0
  • Wallu

    Just looked at older reports, and what I just wrote, might be the case.

    Both, the "Outdated or vulnerable software discovered" and "Immediate Action Required: Security Vulnerabilities Detected" have "tag":

    “Imunify::Generic”

    So, it just might be that the report has been "updated" not to include relevant info and the topic has been changed. Just guessing here.

    1

Please sign in to leave a comment.