This week\u2019s vulnerabilities underscore the need to stay informed.<\/p>\n\n\n\n
Don\u2019t miss the notice about switching to PHP 7.4.<\/p>\n\n\n\n
2+ million sites affected with malicious script injection.<\/p>\n\n\n\n
How will I know I’m okay?<\/strong> What’s the risk?<\/strong> Editor Comment More Info \u2192<\/a><\/p>\n\n\n\n Unauthorised access escalation risk.<\/p>\n\n\n\n How will I know I’m okay?<\/strong> What’s the risk?<\/strong> Editor Comment<\/strong> More Info \u2192<\/a><\/p>\n\n\n\n Plugin actively exploited with XSS but no official fix yet<\/em>.<\/p>\n\n\n\n How will I know I’m okay?<\/strong> What’s the risk?<\/strong> Editor Comment<\/strong> More Info \u2192<\/a><\/p>\n\n\n\n A free online event starting this Friday, September 27th, will offer practical tips for building and optimizing fast, dynamic WordPress sites, covering topics like server optimization and security.<\/p>\n\n\n\n How can I get involved?<\/strong>
Upgrade ASAP to v4.9.17+<\/p>\n\n\n\n
Severity risk 7.1<\/strong>\/10 – XSS – allowing injection of malicious scripts into website that guests may execute.<\/p>\n\n\n\n
Please use ShieldPRO’s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n#2 – Vulnerable: Houzez Theme & Login Register Plugin<\/h2>\n\n\n\n
Upgrade ASAP to v3.3.0+<\/p>\n\n\n\n
Severity risk 8.8<\/strong>\/10 – Privilege Escalation – an attacker can gain full access to a site by escalating their low user privileges.<\/p>\n\n\n\n
Please use ShieldPRO’s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n#3 – Vulnerable: WCFM Marketplace Plugin<\/h2>\n\n\n\n
No fix available yet; please replace or monitor for updates.<\/p>\n\n\n\n
Severity risk 7.1\/10 – XSS – allowing injection of malicious scripts into website that guests may execute.<\/p>\n\n\n\n
Please use ShieldPRO’s auto-upgrade feature<\/a> for vulnerable plugins.<\/p>\n\n\n\n#4 – WordPress Agency Summit 2024<\/h2>\n\n\n\n
You can join the LiveStreams when they’re announced.<\/p>\n\n\n\n