Home › Forums › Chit Chat › General Discussion › Vulnerable? This topic has 1 reply, 2 voices, and was last updated 1 year, 4 months ago by Anshuman Sahu. Viewing 2 posts - 1 through 2 (of 2 total) Author Posts August 11, 2023 at 5:15 am #388630 Upface tech-adminParticipant Hello. You wrote about 3.9.9 version But: https://patchstack.com/database/vulnerability/wplms/wordpress-wplms-theme-4-600-cross-site-request-forgery-csrf-vulnerability here is about <4.9.0 What is the real vulnerable version? I have 4.901, should I do anything? August 11, 2023 at 8:35 pm #388662 Anshuman SahuKeymaster hi as the link said this has been fixed in 4.9 . to fix it in 3.9.9 please add this line at the top of the import_data function : if(!current_user_can('manage_options') || (!empty($_POST['security']) || !wp_verify_nonce($_POST['security'],'security'))) die(); Author Posts Viewing 2 posts - 1 through 2 (of 2 total) You must be logged in to reply to this topic. Log In Username: Password: Keep me signed in Log In