WebPagetest Forums
Security Score - Printable Version

+- WebPagetest Forums (https://www.webpagetest.org/forums)
+-- Forum: WebPagetest (/forumdisplay.php?fid=7)
+--- Forum: General Discussion (/forumdisplay.php?fid=25)
+--- Thread: Security Score (/showthread.php?tid=16201)

Security Score - mohamedismail - 09-25-2020 03:42 AM


There's a security issue (JavaScript Libraries with vulnerabilities) on my WordPress website (https://dleell.com) that really concerns me, and after a lot of research I couldn't figure out how to fix it.

Here's the test results: https://www.webpagetest.org/result/200924_KH_3c842f23449e1c45a573020f0f9f00b7/1/details/

RE: Security Score - pmeenan - 09-26-2020 01:17 AM

The security score issues on a wordpress site would be related to the headers. Ignore the text about JS vulnerabilities on the Snyk site (I thin it says something about them not being applicable for wordpress). WordPress backports security fixes so the Snyk detection ignores the libraries when grading a wordpress site and just uses the score for headers as a basis for the grade.

RE: Security Score - Koray Tuğberk GÜBÜR - 09-30-2020 02:42 AM

You are using JQuery's a very old version and you should update it, if you use a "ready-to-go" Wordpress theme, you may need help from your dev-team or "theme owner". Also, you may do it by your self but it my break some of your pages or segments of pages.

RE: Security Score - pmeenan - 10-02-2020 01:55 AM

The JQuery version information isn't terribly useful for WordPress or Joomla. They maintain their own fork but don't update the version number (they DO update the security patches though). That is why it is ignored.

The forked older versions of JQuery ship with the current versions of WordPress so it's not really a matter of "updating" JQuery.