Get Announcements delivered to your Inbox! Subscribe to the Announcements list
An XSS vulnerability has been discovered in the WP Bakery Page Builder (previously Visual Composer) plugin. Details on this vulnerability are available here: WPBakery Page Builder < 6.4.1 - Authenticated Stored Cross-Site Scripting (XSS) WordFence - Vulnerability Exposes Over 4 Million Sites Using WPBakery Due to the prevelance of the ...
Multiple Plugins - Cross-Site Request Forgery (CSRF)
Many plugins are affected. Included in updates to WP NET customers:
- Easy Testimonials
- Woody ad snippets – Insert Header Footer Code, AdSense Ads
- Feed Them Social – for Twitter feed, Youtube, Pinterest and more
ActiveCampaign < 8.0.2 - Cross-Site Request Forgery in Settings - fixed in version 8.0.2
A number of our upstream providers are experiencing on-going DDoS attacks on their networks. This is adversely affecting network performance, latency and stability.
As a result, some WP NET customers are experiencing intermittent connection problems to some of our NZ-based web servers.
Please see our Server Status page for updates.
Over the next few days we will begin rolling out WordPress 5.5.1 to our Managed WordPress customers. WordPress 5.5 includes a number of great new features: Performance improvements Built in XML Sitemaps Auto-update for plugins and themes You can now update plugins by uploading a .zip file Block Editor improvements Some welcome developer ...
Elementor < 2.9.14 - Authenticated Stored Cross-Site Scripting - fixed in version 2.9.14
UPDATED 2.9.2020: A new vulnerability has been discovered in the File Manager plugin: File Manager < 6.9 - Arbitrary File Upload leading to RCE. This is a very serious zero-day vulnerability, meaning it is being actively exploited on active installations. Please share this information as widely as possible; any users of this plugin should ...
Autoptimize < 2.7.7 - Authenticated Arbitrary File Upload - fixed in version 2.7.7
- Prev Page
- Next Page
