Source evidence

Cross Site Scripting (XSS) Security Vulnerability

FareHarbor for WordPress · support · 2023-03-06T16:37:00+00:00

FareHarbor for WordPress plugin evidence original source source API

complaintsentiment

highseverity

1.0relevance

4replies

Evidence linked to opportunitycommercial context

Proof Health

Open evidence

Commercial opportunities need traceable source links before they are treated as build-worthy.

4 / 29 rows with source links

13.8% of this page's analysis has direct source links.

0 build-decision rows missing links

0 rows here require auditable proof before promotion.

25 rows with no attached evidence

0 rows have source counts but still need direct links.

Conversation

support

greencode unresolved

Any news when this XSS vulnerability will be fixed? See patchstack for further details. Same. Are you going to patch this or what? It has been several days since this vulnerability has been discovered and there is no patch. Ithemes recommends shutting it off, but this is not really an option as my customer relies on it for bookings. Please address this! I would suggest everybody either emails them support@fareharbor.com or submit a ticket . Same. Really need a fix on this! 3 sites affected. This reply was modified 3 years, 2 months ago by Richard Gates .

Commercial Context

Opportunity

booking revenue assurance

Reservations booking flow assurance for keeping booking availability and appointment flows working

Buyer: service businesses and booking-site builders

Wedge: test reservations availability, booking notifications, payment handoffs, and calendar sync

Proof Blocked card complete market

Analysis

heuristic-v1

Summary: Cross Site Scripting (XSS) Security Vulnerability: users show security, compatibility, missing feature pain that may indicate a product gap.

Evidence quote: Cross Site Scripting (XSS) Security Vulnerability Any news when this XSS vulnerability will be fixed?

Affected feature: email

security compatibility missing feature support

Plugin

API

FareHarbor for WordPress

9.0K active installs · 138.1K downloads · rating 86.0

booking booking calendar reservation calendar reservation plugin reservations

Comments

4 shown

wweaver 2023-03-08T21:25:00+00:00

Same. Are you going to patch this or what?

spherman 2023-03-10T14:53:00+00:00

It has been several days since this vulnerability has been discovered and there is no patch. Ithemes recommends shutting it off, but this is not really an option as my customer relies on it for bookings. Please address this!

greencode 2023-03-10T15:59:00+00:00

I would suggest everybody either emails them support@fareharbor.com or submit a ticket .

Richard Gates 2023-03-11T01:03:00+00:00

Same. Really need a fix on this! 3 sites affected. This reply was modified 3 years, 2 months ago by Richard Gates .