Plugin Vulnerability and removed from WP Repo

emyers · June 15, 2024, 1:37pm

I have scanned my client site with Wordfence and am getting this alert for WP CERBER. Is there a vulnerability with the plugin? It is up to date, by the way. PLEASE ADVISE:

The Plugin “WP Cerber Security, Anti-spam & Malware Scan” has been removed from wordpress.org but is still installed on your site.

Type: Plugin Removed

Details: Your site is still using this plugin, but it is not currently available on wordpress.org. Plugins can be removed from wordpress.org for various reasons. This can include benign issues like a plugin author discontinuing development or moving the plugin distribution to their own site, but some might also be due to security issues. In any case, future updates may or may not be available, so it is worth investigating the cause and deciding whether to temporarily or permanently replace or remove the plugin.

nick · June 15, 2024, 2:20pm

To solve the issue, please install the latest version of WP Cerber: https://wpcerber.com/installation/

WP Cerber is continuously developed and is now more sound and safe than ever before. Read more on the matter:

If anyone were to report a vulnerability, they would earn $1000 , and the WP Cerber team would fix it swiftly. So far, no vulnerabilities have been reported, which shows just how solid our software is.

emyers · June 17, 2024, 4:53pm

According to the plugin list in my client’s Wordpress, the plugin is ALREADY up to date (V 9.6.2), as I mentioned in my initial inquiry. The issue being flagged is because WP CERBER was removed from the WP Repository.

Please advise.

emyers · June 19, 2024, 12:36pm

Hi. Please advise, as my issue is the Wordfence flag about the plugin not being in the WP Repo anymore.

nick · June 20, 2024, 2:14am

You can safely ignore the Wordfence flag regarding WP Cerber.