Replies: 0
Hi,
Our security plugin (Defender Pro v2.1.4) has highlighted suspicious code in DataBuilder.php in Rank Math v1.0.35.3 :
The function extract line 692 column 13 execute using unsanitize user inputs:
extract($this->parseForwardedString($_SERVER[‘HTTP_FORWARDED’]));
The function extract line 717 column 13 execute using unsanitize user inputs:
extract($this->parseForwardedString($_SERVER[‘HTTP_FORWARDED’]));
Should we be concerned about these ?
Thanks
Chris