How can we help?
If you are looking for support for our PokaTheme, this is the place!
- November 23, 2018 at 10:48 pm #2728
Just following up the email I sent to find out when you anticipate updating the jQuery version that we discussed?November 27, 2018 at 12:17 am #2743
?????November 27, 2018 at 7:10 pm #2746adminKeymaster
Sorry for the delayed response.
Poka theme doesn’t include a version of jQuery but instead uses the WP jQuery. This is common in Theme/Plugin development for better compatibility with the plugins.
This vulnerability is when you make a request to another domain (using jQuery) and the response can execute js in your end. In Poka theme there is no such case so there is nothing to worry about.
But because jQuery is common also for the plugins you are using please be careful with the plugins you have installed.
You can read more about this issue here : https://wordpress.org/support/topic/google-lighthouse-sees-jquery-1-12-4-as-vulnerable/November 30, 2018 at 9:19 am #2760
OK, to clarify – I do not have ANY plugins currently installed. */poka_v2/js/vendor/jquery-1.11.3.min.js <— looks like there is something the poka theme uses.
This is all over my head, so given your answer, I will just conclude that the issue is not going to be fixed and I’ll use a theme from elsewhere that does not give off alerts to vulnerabilities.November 30, 2018 at 11:52 am #2762adminKeymaster
As I said Poka is not using it’s own jQuery. It uses the jQuery WordPress includes in it’s build.
As you can see in a demo but I’m sure you can check in your site also the jQuery that is used is from WordPress includes.
jQuery if you view the source : http://pokav2.pokatheme.com/demo4/wp-includes/js/jquery/jquery.js?ver=1.12.4
As you can understand we don’t have any control what version of jQuery WP is using. Most of the themes use the jQuery WP includes because this is a good practice, you can verify it if you want with other themes.
Also the answer from the official WP support forum is from one of the core developer of WP.
Of course there are workarounds if you want to disable the WP version of iQuery and use your own but you may experience issues with plugins. If you want help please let me know.
You have nothing to worry about the theme and the version of jQuery. 🙂
- This reply was modified 2 years ago by admin.
- You must be logged in to reply to this topic.