rollbar-php-wordpress

Rollbar plugin is vulnerable to Cross Site Request Forgery (CSRF)

Open iugo-robert opened this issue 7 months ago • 7 comments

See details here: https://patchstack.com/database/wordpress/plugin/rollbar/vulnerability/wordpress-rollbar-plugin-2-7-1-cross-site-request-forgery-csrf-vulnerability

iugo-robert Apr 11 '25 01:04

Thanks for the report, we'll review.

brianr Apr 11 '25 01:04

@brianr Any update on when we can expect to see a release for this one?

iugo-robert Apr 28 '25 06:04

@brianr Any update on when we can expect to see a release for this one?

Sorry, I also accidentally closed this one. Can you please re-open the issue?

iugo-robert Apr 28 '25 06:04

@iugo-robert We'll fix this with the next release of rollbar-php-wordpress, which is currently in development.

brianr May 08 '25 22:05

@brianr any ETA?

toineenzo May 12 '25 11:05

@toineenzo Will follow up about timeline.

brianr May 12 '25 17:05

@brianr any updates on this?

toineenzo Jun 23 '25 11:06

Hello, can we get an update on this please?

leopitt Jul 03 '25 09:07

@iugo-robert @toineenzo I fixed the issue, please check my pull request

jerrybarry Aug 19 '25 21:08

@iugo-robert @toineenzo I fixed the issue, please check my pull request

Thank you! But I'm not sure if this will be used as the devs are already working on it in a separate PR :( #128

toineenzo Aug 20 '25 18:08

@brianr Any update on a timeline for this?

runephilosof-abtion Sep 15 '25 10:09

@brianr Any update on a timeline for this?

https://github.com/rollbar/rollbar-php-wordpress/pull/128#pullrequestreview-3268746961 It will be merged soon!

toineenzo Sep 26 '25 00:09