
[Security] moment@2.21.0 JavaScript library with known security vulnerability

Open vreoo opened this issue 2 years ago • 1 comments

Describe the bug

The bug is mainly in a specific JavaScript library called "moment". The current version is @2.21.0. According to snyk.io, there is a Directory Traversal vulnerability that "aims to access files and directories that are stored outside the intended folder" & overwriting sensitive files.

To Reproduce

Steps to reproduce the behavior:

  1. Must have dokan-lite plugin
  2. On any page on your website run the lighthouse test.
  3. See error

Expected behavior

No expected behavior but an update to the moment@2.21.0 library to the LATEST NON-VULNERABLE VERSION. LATEST NON VULNERABLE VERSION is 2.29.4.

Environment (please complete the following information):

  • Dokan Version: v3.6.4
  • Dokan Pro Version: v3.7.4
  • WooCommerce Version: v6.8.1
  • Browser: Chrome
  • Current Theme: Flatsome

vreoo, Sep 06 '22 08:09

Will be fixed within next version of dokan lite

nurul-umbhiya, Sep 06 '22 08:09

Fixed on dokan lite version 3.7.0

nurul-umbhiya, Sep 28 '22 03:09
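
To confirm after upgrading that no outdated copy of moment is still being served, the sketch below reads the version string out of a bundled moment file and compares it with the 2.29.4 threshold named in the report. It is an added example, not code from the issue or from the Dokan project; the function names, the two version-marker patterns and the sample file contents are assumptions constructed for illustration.

```javascript
// Threshold taken from the issue report above.
const FIXED_VERSION = '2.29.4';

// Assumed ways a moment bundle labels its own version.
const VERSION_PATTERNS = [
  /\/\/!\s*version\s*:\s*(\d+\.\d+\.\d+)/,   // header comment in unminified builds
  /\.version\s*=\s*["'](\d+\.\d+\.\d+)["']/, // version assignment, survives minification
];

// Return the first version string found in the bundle text, or null.
function extractMomentVersion(source) {
  for (const re of VERSION_PATTERNS) {
    const m = re.exec(source);
    if (m) return m[1];
  }
  return null;
}

// Numeric comparison per component, so that 2.9.0 sorts below 2.29.4.
function compareVersions(a, b) {
  const pa = a.split('.').map(Number);
  const pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Classify one file: 'outdated', 'ok', or 'unknown' when no marker is found.
function auditBundle(name, source) {
  const version = extractMomentVersion(source);
  if (version === null) return { name, version, status: 'unknown' };
  const status = compareVersions(version, FIXED_VERSION) < 0 ? 'outdated' : 'ok';
  return { name, version, status };
}

// Constructed sample contents (not real Dokan assets).
const SAMPLES = {
  'old-moment.js': "//! moment.js\n//! version : 2.21.0\nhooks.version = '2.21.0';",
  'new-moment.min.js': '!function(e,t){e.moment=t()}(this,function(){var h={};h.version="2.29.4";return h});',
  'other.js': 'console.log("no version marker here");',
};

function auditAll(files) {
  return Object.entries(files).map(([name, src]) => auditBundle(name, src));
}

for (const r of auditAll(SAMPLES)) {
  console.log(`${r.name}: ${r.version ?? 'n/a'} -> ${r.status}`);
}
```

An 'unknown' result means the file needs manual review, not that it is safe. On a live page, `moment.version` in the browser console returns the same string for the copy actually loaded.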