Get Announcements delivered to your Inbox! Subscribe to the Announcements list

Security Update: WooCommerce v3.4.6

A security update for WooCommerce has been released. While this fixes a relatively low-risk vulnerability, all WooCommerce users are encouraged to update. Details on the update are available on the WooCommerce Development blog. Excerpt from the blog post: Versions 3.4.5 and earlier are affected by a handful of issues that allow Shop Managers to ... Read More »

15th Oct 2018
Security Update: Breadcrumb NavXT <= 6.1.0 - Username Disclosure via REST API

An information disclosure bug has been revealed in the Breadcrumb NavXT plugin. Affected versions are v6.1.0 and below.

All Managed WordPress sites will be updated automatically.

30th Sep 2018
Unyson <= 2.7.18 - Unspecified Security Issue

A security update has been released for the Unyson plugin. Affected versions are 2.7.18 and below.

All Managed WordPress sites will be updated automatically.

19th Sep 2018
Security Update: Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation

An important security update has been released for the Contact Form 7 plugin. You can read about this issue on the Contact Form 7 blog post. Excerpt from the blog post: "A privilege escalation vulnerability has been found in Contact Form 7 5.0.3 and older versions. Utilizing this vulnerability, a logged-in user in the Contributor role can ... Read More »

14th Sep 2018
Security Update: File Manager <= 2.9 - Authenticated Cross-Site Scripting (XSS)

A security update has been released for the File Manager plugin, which fixes an XSS vulnerability.

You can read about this vulnerability on wordpress.org.

All Managed WordPress sites will be updated automatically.

12th Sep 2018
Security Update: WooCommerce < 3.4.5

A security update has been released for WooCommerce. The latest version at time of writing is v3.4.5. Versions 3.4.4 and earlier are affected by an issue where a function that updates attributes could lead to object injection. This is related to the WordPress 4.8.3 security release. This issue can only be exploited by users who can edit ... Read More »

3rd Sep 2018
WP Init Plugin Update to v0.9.11.0

We have just deployed an update to our WP Init mu-plugin, which is installed on all Managed WordPress sites hosted with WP NET. This update dramatically improves performance of the disk space statistics that are displayed on the WP NET Site Info widget on the WP Admin Dashboard. Previously, the directory disk sizes were calculated by the plugin, ... Read More »

30th Aug 2018
Security Update: Ninja Forms - XSS and CSV injection vulnerabilities

The Ninja Forms plugin has had 3 vulnerabilities revealed, affecting version 3.2.13 and below.

All vulnerabilities have been fixed in version 3.2.14. and 3.2.14.1.

You can check the changelog on the Ninja Forms plugin page.

All WP NET Managed WordPress sites will be updated automatically.

29th Aug 2018
All Managed Servers updated to WP-CLI v2

WP-CLI v2 is finally here, and it's a great release for this super-useful tool. All Managed Servers have been upgraded and it's available now! You can read about this release here:┬ámake.wordpress.org/cli/2018/08/08/wp-cli-v2-0-0-release-notes/ If you have any questions or experience issues with WP-CLI v2, please open a support ticket and we'll ... Read More »

14th Aug 2018
Security Update: Tracking Code Manager <= 1.11.1 - Authenticated XSS, CSRF & DoS

A vulnerability fix has been released for Tracking Code Manager plugin.

This fixes an authenticated XSS issue and other bugs. The patched version is 1.11.4.

All WP NET Managed WordPress sites will be updated automatically.

27th Jun 2018