Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#43694 closed defect (bug) (duplicate)

Chrome Lighthouse Audit - jQuery Vulnerabilities

Reported by: joellisenby's profile joellisenby Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.9.5
Component: External Libraries Keywords:
Focuses: Cc:


As you can see, with Google Chrome 65.0.3325.181 when running a Lighthouse ( 2.8.0 audit, there is a new test which claims there is a vulnerability in the version of jQuery (jQuery@1.12.4) included with WordPress.

Includes front-end JavaScript libraries with known security vulnerabilities.

Some third-party scripts may contain known security vulnerabilities  that are easily identified and exploited by attackers.

Is this something to be concerned about and are there any plans to update the version of jQuery included with WordPress to one without the linked vulnerabilities?

Change History (2)

#1 @adamsilverstein
6 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi @joellisenby thanks for the report. This is a concern, and we are already tracking this issue in #37110.

This ticket was mentioned in Slack in #forums by jcastaneda. View the logs.

6 years ago

Note: See TracTickets for help on using tickets.