Get Announcements delivered to your Inbox! Subscribe to the Announcements list

WP Google Maps <= 7.11.27 - Admin Settings CSRF

WP Google Maps <= 7.11.27 - Admin Settings CSRF

All Managed WordPress sites have been updated.

Support Response Times June-July 2019

From June 14 through to July 22, WP NET Technical Support will be operating at lower staffing levels and response times will be longer than usual. Due to staff on leave coinciding with some backend system upgrades, WP NET's Support capacity will be reduced during this time. WP NET Support - Low-staff: June 14 - July 22 2019 Support staff will be ...

Security Updates: Various Plugins

We have recently rolled out numerous security updates for all Managed WordPress sites. Updated plugins is as follows: Hustle Popups < 2.8.1 - CSV Injection King Composer Page Builder <= 6.0.7 -  XSS Vulnerabilities Paid Memberships Pro <= 2.0.5 - Authenticated Open Redirect WooCommerce Checkout Manager <= 4.2.6 - Arbitrary ...

WordPress Plugin Security Updates

Important Note Regarding these Security Update Notifications We are changing the format of our My WP NET Security Update Announcements. Previously, security updates notifications included links to the plugin's web page on the WordPress plugin repository and sometimes also other links to information about the vulnerability. Starting today, these ...

WordPress 5.2 Released

WordPress 5.2 "jaco", has been released.

WP NET will begin testing before updating our Managed WordPress sites. 

As per our usual policy, Managed WordPress sites will likely be updated upon release of 5.2.1. Feel free to update yourself and let us know if you have any questions.

Discontinuing Complimentary WP Rocket Plugin

Effective from 8 May 2019, WP NET is no longer able to provide our customers with a complimentary copy of the WP Rocket caching plugin. This is a disappointment for us, as we are real fans of the WP Rocket plugin and we feel that it does add value to our WordPress hosting services. However, due to a licensing issue we must discontinue supplying a ...

WP Statistics <= 12.6.3 - Cross-Site Scripting (XSS)

An XSS vulnerability in the WP Statistics plugin has been patched. Affected versions are 12.6.3 and below.

All Managed WordPress sites will be updated automatically.

Security Update: Popup-Maker

The Popup-Maker plugin utilises a third-party library called Fremius which has an Authenticated Option Update vulnerability.

The issue has been fix in version 1.8.3.

All Managed WordPress sites will be updated automatically.

Security Update: W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated Arbitrary File Read

A serious security vulnerability has been discovered in the W3 Total Cache WordPress plugin. Affected versions are v0.9.2.6 - 0.9.3.

You can read about this vulnerability, here.

No vulnerable versions of this plugin have been detected on any WP NET Managed WordPress sites.

Security Update: Duplicate Page <= 3.3 - Authenticated SQL Injection

A serious security vulnerability has been discovered in the Duplicate Page WordPress plugin. Affected versions are v3.3 and below.

You can read about this vulnerability on the Sucuri Blog.

No vulnerable versions of this plugin have been detected on any WP NET Managed WordPress sites.