Issue WP Toolkit reporting vulnerabilities for wrong version of theme

[maestroit]

Server operating system version

Debian 11.9

Plesk version and microupdate number

18.0.59 Update #2,

After the latest update, I started seeing that WP Toolkit is reporting that my Themify Ultra theme v7.6.2 has few high severity rating vulnerabilities, when I clicked to see what are those I found that the report is for the Themify version <= 7.3.5, which I am not using !! (Check attached screenshot)

Does the Toolkit detect the version in a wrong way? How can this be solved?

 

[maestroit]

Update:

I installed Plesk v18.0.60 but it is still the same:
PatchStack DB says the vulnerabilities have been fixed, WordFence DB doesn't !!!

 

[Tiria]

I've the same problem with some plugins, example here with Real3D Flipbook 3.83, signaled as vulnerable by Wordfence database... but for version <=1.0.0 !!!

I hope the future WP Toolkit update will fix these issues soon...

 

[maestroit]

After waiting 20 days with no solution from WP Toolkit or WordFence, I contacted WordFence support ( wfi-support _at_ wordfence.com ), with the issue in question, and they marked it as Fixed in few hours.

 

[custer]

Hi guys,

We're reporting these issues to Wordfence on a regular basis, but some reports, like this thread, get lost for some reason -- sorry about that. We'll see how we can ensure that no reports are lost and everything is submitted to Wordfence.