Make WordPress Core

Opened 22 months ago

Closed 22 months ago

Last modified 17 months ago

#43694 closed defect (bug) (duplicate)

Chrome Lighthouse Audit - jQuery Vulnerabilities

Reported by: joellisenby Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.9.5
Component: External Libraries Keywords:
Focuses: Cc:
PR Number:



As you can see, with Google Chrome 65.0.3325.181 when running a Lighthouse (https://github.com/GoogleChrome/lighthouse) 2.8.0 audit, there is a new test which claims there is a vulnerability in the version of jQuery (jQuery@1.12.4) included with WordPress.

Includes front-end JavaScript libraries with known security vulnerabilities.

Some third-party scripts may contain known security vulnerabilities  that are easily identified and exploited by attackers.


Is this something to be concerned about and are there any plans to update the version of jQuery included with WordPress to one without the linked vulnerabilities?

Change History (2)

#1 @adamsilverstein
22 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi @joellisenby thanks for the report. This is a concern, and we are already tracking this issue in #37110.

This ticket was mentioned in Slack in #forums by jcastaneda. View the logs.

17 months ago

Note: See TracTickets for help on using tickets.