Get Announcements delivered to your Inbox! Subscribe to the Announcements list

Jetpack 5.1-7.9 - Vulnerability in Shortcode Embed Code

Jetpack 5.1-7.9 - Vulnerability in Shortcode Embed Code

All Managed WordPress site will be updated automatically.

Read More
25th Nov 2019
Bridge Theme <= 18.2 - Open Redirect

Bridge Theme <= 18.2 - Open Redirect

All Managed WordPress sites will be updated automatically.

Read More
11th Nov 2019
Tidio Live Chat <= 4.1.0 CSRF to Stored XSS

Tidio Live Chat <= 4.1.0 CSRF to Stored XSS  -- fixed in version 4.2.0

Read More
8th Nov 2019
YIT Plugin Framework <= 3.3.8 - Multiple Vulnerabilities

All Managed WordPress sites will be updated automatically

  • YIT Plugin Framework <= 3.3.8 - Authenticated Plugin's Settings Change -- fixed in version 2.2.14
  • YITH WooCommerce Wishlist <= 2.1.2 - Authenticated SQL Injection -- fixed in version 2.2.0
  • Yith-woocommerce-order-tracking
  • Yith-woocommerce-ajax-search

Read More
6th Nov 2019
Bridge Theme <= 18.2 - Open Redirect

Bridge Theme <= 18.2 - Open Redirect

All Managed WordPress sites updated automatically.

Read More
24th Oct 2019
Fast Velocity Minify < 2.7.7 - Full Path Disclosure

Fast Velocity Minify < 2.7.7 - Full Path Disclosure

Read More
21st Oct 2019
Events Manager < 5.9.6 - Stored XSS

Events Manager < 5.9.6 - Stored XSS -- fixed in version 5.9.6

Read More
21st Oct 2019
All In One SEO Pack < 3.2.7 - Stored Cross-Site Scripting (XSS)

All In One SEO Pack < 3.2.7 - Stored Cross-Site Scripting (XSS)

Read More
21st Oct 2019
Visualizer < 3.3.1 - Blind SSRF / Stored XSS

Security updates have been installed for the following plugins:

  • Visualizer < 3.3.1 - Blind SSRF -- fixed in version 3.3.1
  • Visualizer < 3.3.1 - Stored XSS -- fixed in version 3.3.1

Read More
4th Oct 2019
Easy Fancybox < 1.8.18 - Authenticated Stored XSS

Easy Fancybox < 1.8.18 - Authenticated Stored XSS

All Managed WordPress sites will be updated automatically.

Read More
1st Oct 2019