• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

WP Toolkit reports exploit for version lower than installed

F

fpanzer

New Pleskian
Server operating system version
Ubuntu 24.04.4 LTS (Noble Numbat)
Plesk version and microupdate number
Plesk Obsidian 18.0.75.1
Hi,

today I got a notification about a HIGH severity vulnerability on one of my websites, affecting JetEngine <=3.7.2. The version actually installed is 3.8.2.

Refer to the screenshot attached. Is this a bug or a feature? ;-)
 

Attachments

  • Bildschirmfoto vom 2026-02-27 08-57-26.png
    Bildschirmfoto vom 2026-02-27 08-57-26.png
    706.1 KB · Views: 3
Hello, @fpanzer . Thank you for reporting the issue. I forwarded the details to the Patchstack team and the same should be sorted out soon. Since your plugin is already updated you can safely ignore the vulnerability flag. Apologies for the any possible confusion caused.
 
You must log in or register to reply here.

Similar threads

K
WordPress Breakdance plugin <= 1.7.2 - Authenticated Remote Code Execution (RCE) vulnerability
Replies
4
Views
2K
KNEET
K
T
Issue WP Toolkit incorrect vulnerability and version reports
Replies
4
Views
5K
TurnRound
T
S
I can't install Wordpress with Wp Toolkit
Replies
1
Views
3K
vbelozerov
V
R
Resolved WP Toolkit/Wordpress Toolkit - older version screenshot issue
Replies
4
Views
8K
rhall
R
M
Issue WP Toolkit reporting vulnerabilities for wrong version of theme
Replies
4
Views
3K
custer
custer
Back
Top