Outdated jQuery v1.9.1 from Nicepage have known security vulnerabilities

Vitaliy WD
179 Posts
Vitaliy WD posted this 03 July 2019
Ask a Question

Hi.

Google Chrome DevTool Audit show that jQuery library from Nicepage is outdated and have known security vulnerabilities.
Why Nicepage use jQuery v1.9.1 instead v3.4.x?

Hi. Google Chrome DevTool Audit show that jQuery library from Nicepage is outdated and have known security vulnerabilities. Why Nicepage use jQuery v1.9.1 instead v3.4.x?
jquery
Vote to pay developers attention to this features or issue.
7 Replies
Order By: Standard | Newest
a.chypre
27 Posts
a.chypre posted this 04 July 2019

That's a pretty good question actually, any compatibility issues with the latest version ?
Can we replace jQuery lib ourselve in the exported files ?

That's a pretty good question actually, any compatibility issues with the latest version ? Can we replace jQuery lib ourselve in the exported files ?
Giumarr
162 Posts
Giumarr posted this 04 July 2019

I, to test it, replaced it with the most recent version, overwrite the file and everything works as it was

I, to test it, replaced it with the most recent version, overwrite the file and everything works as it was
Support Team
Support Team posted this 05 July 2019

Hi,

We are using the most popular version of jQuery library. It is widely used in the world now and it does not have any compatibility issues with the other libraries and their versions.
In case of using the third-party theme and Nicepage plug-in on the site, the theme's library version will be used on the site.

...................................................
Sincerely,
Hella
Nicepage Support Team

Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1
Follow us on Facebook: http://facebook.com/nicepageapp

Hi, We are using the most popular version of jQuery library. It is widely used in the world now and it does not have any compatibility issues with the other libraries and their versions. In case of using the third-party theme and Nicepage plug-in on the site, the theme's library version will be used on the site. ................................................... Sincerely, Hella Nicepage Support Team Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1 Follow us on Facebook: http://facebook.com/nicepageapp
devy6
5 Posts
devy6 posted this 21 January 2020

If something is "widely used on the Internet" that does not mean it is a good practice to support its usage in a product like yours.

Well, it looks like you are supporting exploiting vulnerabilities on site created with Nicepage with including a vulnerable code in the production code your software creates AND without a warning to those who are not familiar with checking things like this before they publish their sites online.

How many sites are created with your vulnerable code already?

If something is "widely used on the Internet" that does not mean it is a good practice to support its usage in a product like yours. Well, it looks like you are supporting exploiting vulnerabilities on site created with Nicepage with including a vulnerable code in the production code your software creates AND without a warning to those who are not familiar with checking things like this before they publish their sites online. How many sites are created with your vulnerable code already?
Support Team
Support Team posted this 28 January 2020

Hi,

As mentioned above, we're using the most popular version. It means that it is used on a large number of websites. Not Nicepage websites. If it caused persistent security problems, it would not be used so widely.
In fact, almost every site is vulnerable. Whatever version of the Jquery is used.

...................................................
Sincerely,
Olivia
Nicepage Support Team

Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1
Follow us on Facebook: http://facebook.com/nicepageapp

Hi, As mentioned above, we're using the most popular version. It means that it is used on a large number of websites. Not Nicepage websites. If it caused persistent security problems, it would not be used so widely. In fact, almost every site is vulnerable. Whatever version of the Jquery is used. ................................................... Sincerely, Olivia Nicepage Support Team Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1 Follow us on Facebook: http://facebook.com/nicepageapp
jan.hiermayer
13 Posts
jan.hiermayer posted this 03 April 2020

Thanks for the Information, guys!
We just got a FB Comment about it, and saying its "popular" is the biggest security risk ever. You have to ensure at least a proper implementation. We and other customers could get sued for errors like this - get your stuff together nicepage...

Thanks for the Information, guys! We just got a FB Comment about it, and saying its "popular" is the biggest security risk ever. You have to ensure at least a proper implementation. We and other customers could get sued for errors like this - get your stuff together nicepage...
Support Team
Support Team posted this 13 April 2020

Hi,

We will update jQuery version in future updates.

...................................................
Sincerely,
Eugene
Nicepage Support Team

Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1
Follow us on Facebook: http://facebook.com/nicepageapp

Hi, We will update jQuery version in future updates. ................................................... Sincerely, Eugene Nicepage Support Team Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1 Follow us on Facebook: http://facebook.com/nicepageapp
You must log in or register to leave comments

Company
Product
Themes & Templates
Nicepage
Web Design