Get Announcements delivered to your Inbox! Subscribe to the Announcements list

Duplicate Page and Post < 2.5.7 & WP Post Page Clone < 1.1 - SQL Injections due to Duplicated Snippets

Duplicate Page and Post < 2.5.7 & WP Post Page Clone < 1.1 - SQL Injecti...

wp-post-page-clone - WP Post Page Clone -fixed in version 1.1

duplicate-wp-page-post - Duplicate Page and Post -fixed in version 2.5.7

All Managed WordPress sites have been updated.

Read More
19th May 2020
Easy Testimonials < 3.6 - Authenticated Stored Cross-Site Scripting (XSS)

Easy Testimonials < 3.6 - Authenticated Stored Cross-Site Scripting (XSS) fixed in version 3.6 - 9.1 (Critical)

All Managed WordPress sites have been updated.

Read More
17th May 2020
Site Kit by Google < 1.8.0 - Privilege Escalation to gain Search Console

Site Kit by Google < 1.8.0 - Privilege Escalation to gain Search Console -  fixed in version 1.8.0 - 9.1 (Critical)

All Managed WordPress sites have been updated automatically.

Read More
17th May 2020
WooCommerce < 4.1.0 - Unescaped Metadata when Duplicating Products

WooCommerce < 4.1.0 - Unescaped Metadata when Duplicating Products This is a low-severity issue, we will update --patch what WooCommerce sites we can. We will then contact WooCommerce users about updating. More information is available here: https://wpvulndb.com/vulnerabilities/10220 See this thread for more information on this ...

Read More
14th May 2020
Elementor Updates

Seeing as these recent updates for the Elementor plugin have been getting a lot of attention, I thought we better quickly post something more regarding this. At time of writing, all instances of Elementor and Elementor Pro on our Managed WordPress customers sites have been updated to fix the recently discovered vulnerabilities. WP NET support ...

Read More
10th May 2020
WordPress 5.4 Vulnerabilities Patched

WordPress vulnerabilities patched in version 5.4.1 and backported to the 5.3 branch. 2020-04-29 WordPress < 5.4.1 - Password Reset Tokens Failed to Be Properly Invalidated fixed in version 5.4.1 - 3.1 (Low)2020-04-29 WordPress < 5.4.1 - Unauthenticated Users View Private Posts fixed in version 5.4.1 - 3.7 (Low)2020-04-29 WordPress < ...

Read More
5th May 2020
Avada < 6.2.3 - Missing Permission Checks leading to Arbitrary Post Creation

Avada < 6.2.3 - Missing Permission Checks leading to Arbitrary Post Creation

All Managed WordPress sites have been updated.

Read More
5th May 2020
Ninja Forms < 3.4.24.2 - CSRF to XSS

Ninja Forms < 3.4.24.2 - CSRF to XSS

All Managed WordPress sites have been updated.

Read More
5th May 2020
Advanced Woo Search < 2.00 - SQL query leak in ajax search

Advanced Woo Search < 2.00 - SQL query leak in ajax search

All Managed WordPress sites have been updated automatically.

Read More
27th Apr 2020
Elementor Page Builder < 2.9.6 - Authenticated Safe Mode Privilege Escalation

Elementor Page Builder < 2.9.6 - Authenticated Safe Mode Privilege Escal...

All Managed WordPress sites have been updated.

Read More
2nd Apr 2020