-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security risk reported by Kaspersky #402
Comments
There was a security issue in 3.1.6 which was addressed in 3.1.7, I am totally unaware of an issue in the current version though. Did they provide links to a page with more info on the suspected vulnerability? |
Also this is the link were I have published my claim to the Microsoft Community |
Did you have the opportunity to take a look at these links ? |
no, had not seen them yet; github does not send notifications when a reply is updated, only on new replies, hence I was blissfully unaware ;-) the first link shows that no only autoptimize files are blocked, but also files did not touch (e.g. jquery.min.js), which at least indicates the problem is not autoptimize as such the 2nd link is merely one guys' opinion and does not share proof that the problem indeed is due to AO and how AO would be a problem. so based on this info there is no proof of a problem with the latest version of AO. |
The problem was a false positive provoked by Kaspersky database. After installing Kasperky premium 2023, and using its different tools for Internet Security, first it detected the alert in the Google search results. But after around 20 minuts all alerts have dissapear. There are no threats or security risks with Autopmize plugin. Addittionally, as I have a multisite Wordpress, I could checked that my other websites with the same installation and plugins do not have any alert from Kaspersky and Microsoft Defender. Currently, the Kasperksky Support team has confirmed is a false-positive and they are working to prevent this to happen again in the future. |
thanks for the feedback alexsolar33 :) |
I have received this email from Microsoft Community, and there is security risk with your plugin Autoptimize according to Microsoft and according to Kaspersky database: They tell me the following: "...the problem is with one of the plugins that you are using "autoptimize". I use the Kaspersky antivirus and your website was blocked by Smart Defender because the "autoptimize" plugin is in Kaspersky databases as a "Threat of data loss". You will need to check if your plugins are updated or find another plugin to replace the "autoptimize", until you fix this your website will be blocked and red-flagged by all antivirus with web protection." I do not want to replace autoptimize by another plugin, and I have checked that I have the latest version 3.1.7
The text was updated successfully, but these errors were encountered: