Hi support,
I purchased the pro version of your plugin, installed it and it works fine. But I got this warnings from my hosting security:
We have detected software vulnerabilities in PHP scripts on your web hosting package. To prevent system abuse resulting from exploitation of these vulnerabilities, these should be addressed as quickly as possible. This concerns the following vulnerabilities:
Code injection vulnerability in WordPress (Unserialized objects can lead to remote code execution, allowing an attacker to take control of all the properties of the deserialized object)
/wp-content/plugins/learning-management-system-pro/vendor/rmccue/requests/library/Requests/Session.php
Code injection vulnerability in WordPress (Unserialized objects can lead to remote code execution, allowing an attacker to take control of all the properties of the deserialized object)
/wp-content/plugins/learning-management-system-pro/vendor/rmccue/requests/library/Requests/Hooks.php
Code injection vulnerability in WordPress (Unserialized objects can lead to remote code execution, allowing an attacker to take control of all the properties of the deserialized object)
/wp-content/plugins/learning-management-system-pro/vendor/rmccue/requests/library/Requests/IRI.php
Vulnerabilities such as these can allow third parties to access your web hosting package and abuse this through e.g. uploading malware for various purposes. We strongly recommend you check the entire web hosting package for other files that appear out of place, which our detection system might have missed.
So, now I would like to ask you: Is your plugin safe for usage and what is the problem I am noticed in this warning about? It makes me VERY worried, so I’ve uninstalled your plugin for now. Thank you for explanation in advance.
Kind regards