I have seen conflicting things on the merits of Security plug ins, but I know next to nothing and just want to maintain a basic website. So I’m trying to keep things simple as possible.
So I installed Solid Security.
I routinely get three error messages in my reports:
1. WordPress Jetpack plugin <= 13.3.1 – Authenticated (Contributor+) Stored Cross-Site Scripting via wpvideo Shortcode vulnerability
2. WordPress WP Reset PRO Premium Plugin <= 5.98 – Cross-Site Request Forgery (CSRF) vulnerability leading to Database Reset
3. WordPress WP Reset PRO Premium Plugin <= 5.98 – Authenticated Database Reset vulnerability
As to 2) and 3): I installed WP Reset plugin (never upgraded to a premium version) but removed it even before installing Solid Security. (Removed, not made inactive. As far as I can tell, she gone.)
As to 1): I got no idea what that means. I have no videos on my site so I don’t know if I should worry. I would presume JetPack is enough of a legit presence in the WP system that it wouldn’t have any major lasting flaws?
Anyway, how the heck do I get rid of the WP Reset errors – when I don’t even have that plugin anymore?!?
Thanks
[ad_2]
You should probably post this on the support page for the plug-in.
https://wordpress.org/support/plugin/better-wp-security/