CourseVector Logo (white)

Hosting | Web | Marketing

Tech Updates & Fixes

Slider Revolution <= 6.7.13 – 4.4 vulnerability

July 3, 2024

Our managed hosting team at CourseVector is always on the move, fixing issues to keep our clients’ websites secure and efficient. Recently, we addressed a vulnerability in the Slider Revolution plugin (CVE-2024-37449), which allowed stored cross-site scripting (XSS) in versions up to 6.7.13. This flaw enabled authenticated administrators to inject malicious scripts that could execute on any page they accessed. By swiftly resolving such issues, we ensure our clients’ sites remain protected from potential threats, and we keep them informed about our continuous efforts to maintain and improve their online presence.

PixelYourSite <= 9.6.1.1 – 4.4 vulnerability

July 3, 2024

The CourseVector team is dedicated to providing top-notch managed hosting services by constantly monitoring and fixing issues for our clients. Recently, we resolved a vulnerability in the PixelYourSite plugin, where versions up to 9.6.1.1 were susceptible to stored cross-site scripting (XSS) attacks. This flaw allowed administrators to inject harmful scripts, particularly affecting multi-site installations or those with unfiltered_html disabled. By addressing such vulnerabilities promptly, we ensure our clients’ websites remain secure and fully functional, and we make it a point to keep them informed about the work we do to safeguard their online presence.

Ultimate Blocks <= 3.1.9 – 6.4 vulnerability

July 3, 2024

Our team at CourseVector provides top-notch managed hosting services, constantly stepping in to fix issues and enhance website security for our clients. For example, we recently addressed a vulnerability in the Ultimate Blocks plugin for WordPress, which affected versions up to 3.1.9. This vulnerability, identified as CVE-2024-4268, allowed authenticated users with contributor-level access to inject malicious scripts via multiple blocks, posing a risk of cross-site scripting (XSS). By promptly fixing such vulnerabilities, we ensure our clients’ websites remain secure and keep them informed about our ongoing efforts to safeguard their online presence.

Video Gallery by YotuWP <= 1.3.13 - 9.8 vulnerability

July 3, 2024

At CourseVector, we provide comprehensive managed hosting services, constantly working behind the scenes to ensure our clients’ websites are secure and efficient. For example, we recently fixed a critical vulnerability in the Video Gallery – YouTube Playlist plugin (CVE-2024-4258), which allowed unauthenticated attackers to execute arbitrary files on the server due to a Local File Inclusion flaw. By promptly addressing these types of issues, we protect our clients from potential exploits, ensuring their sites remain safe and operational. We always report these fixes to our clients, keeping them informed about the proactive measures we take to safeguard their online presence.

Proactive Protection: CourseVector Handles WP Statistics 14.5 Security Issues

June 29, 2024

At CourseVector, our managed hosting services are designed to keep your website running smoothly by proactively addressing any issues that arise. For instance, we regularly patch vulnerabilities such as the one recently discovered in the WP Statistics plugin, which exposed sites using version 14.5 to unauthenticated stored cross-site scripting attacks. Our team quickly identifies and resolves these security flaws, ensuring your site remains secure. If you suspect any issues with your site, please contact us immediately so we can address them promptly and keep your online presence safe and sound.

Proactive Security Measures: Addressing Vulnerabilities in the All in One SEO Plugin

June 29, 2024

Recently, a vulnerability was discovered in the All in One SEO plugin for WordPress, specifically an authenticated contributor stored cross-site scripting (XSS) threat via shortcode. This issue affects multiple versions of the plugin, with sites running versions 4.5.6 to 4.6.0 being particularly at risk. At CourseVector, our managed hosting team is always on the job, proactively addressing such threats to keep your website secure and running smoothly. We’ve been updating affected sites to the latest versions of the plugin and implementing necessary security measures. We take pride in keeping you informed about these proactive fixes, ensuring your site is well-protected and optimized. If you suspect any security risks or need assistance, contact us today.

Learn more about hosting
Contact Us

Happy Holidays!

With the holiday season upon us our staff will be taking some time to relax and enjoy time with their families.

We may be a bit slower to respond during this period. If you haven’t gotten a response within 24 hours during our normal business hours, please use our support request form and indicate it is an emergency and someone will get back to you quickly.

 

Search

Sign Up for Our Newsletter

Thank you for your interest in our newsletter! Fill in the form below to receive periodic updates on internet and website security, free cybersecurity posters, WordPress news, and more!

"*" indicates required fields

Name*

Your privacy is important to us. We do not share your information with anyone. You can opt out of our newsletter at any time.

Stay up to date with technology, scams, WordPress, and more. Follow CourseVector on Facebook today!