Get Announcements delivered to your Inbox! Subscribe to the Announcements list

Divi, Extra, Divi Builder < 4.0.10 - Authenticated Code Injection

ElegantThemes (divi, extra, divi-builder < 4.0.10) - Authenticated Code Injection - fixed in version 4.0.10 Important Notes for Divi Users  All Managed WordPress sites that meet the following criteria have been updated to the latest version (4.0.11 at time of writing): Div or Extra theme or Divi Builder plugin installed Is already at ...

Read More
9th Jan 2020
WooCommerce Conversion Tracking < 2.0.5 - CSRF to XSS

WooCommerce Conversion Tracking < 2.0.5 - CSRF to XSS

All Managed WordPress site have been updated.

Read More
9th Jan 2020
Duplicate Post plugin security update deployed

All WP NET Managed WordPress sites running the very popular Duplicate Post plugin have been updated to the latest version, v3.2.4.

Duplicate Post <= 3.2.3 - Authenticated Stored Cross-Site Scripting (XSS) --  fixed in version 3.2.4

 

Read More
23rd Dec 2019
Christmas 2019 Support Hours

WP NET will be kicking back, enjoying a little sunshine over the Christmas and New Year period. We're taking a slightly longer break than usual through early January, but our support staff are still available, though response times will be slower than usual.  Of course, all hosting services, backups, security scans and everything else continues ...

Read More
17th Dec 2019
WordPress 5.3.1 and 5.2.5 deployed

The latest point-release patches for WordPress core have been deployed to all Managed WordPress sites. Sites already on 5.3.x have been updated to 5.3.1 Sites on 5.2.x have been updated to 5.2.5 Information on this update is available here: https://wpvulndb.com/wordpresses/53 We will begin deploying the 5.3.1 update for users on 5.2.x in ...

Read More
16th Dec 2019
Jetpack 5.1-7.9 - Vulnerability in Shortcode Embed Code

Jetpack 5.1-7.9 - Vulnerability in Shortcode Embed Code

All Managed WordPress site will be updated automatically.

Read More
25th Nov 2019
Bridge Theme <= 18.2 - Open Redirect

Bridge Theme <= 18.2 - Open Redirect

All Managed WordPress sites will be updated automatically.

Read More
11th Nov 2019
Tidio Live Chat <= 4.1.0 CSRF to Stored XSS

Tidio Live Chat <= 4.1.0 CSRF to Stored XSS  -- fixed in version 4.2.0

Read More
8th Nov 2019
YIT Plugin Framework <= 3.3.8 - Multiple Vulnerabilities

All Managed WordPress sites will be updated automatically

  • YIT Plugin Framework <= 3.3.8 - Authenticated Plugin's Settings Change -- fixed in version 2.2.14
  • YITH WooCommerce Wishlist <= 2.1.2 - Authenticated SQL Injection -- fixed in version 2.2.0
  • Yith-woocommerce-order-tracking
  • Yith-woocommerce-ajax-search

Read More
6th Nov 2019
Bridge Theme <= 18.2 - Open Redirect

Bridge Theme <= 18.2 - Open Redirect

All Managed WordPress sites updated automatically.

Read More
24th Oct 2019