Hotfix Released for Security Issue

We’ve just updated the VaultPress plugin with a hotfix that closes a recently identified security issue in WordPress. The security issue, which has been corrected in the WordPress 3.0.2 release, could have enabled a malicious Author-level user to gain further access to a site.

VaultPress now looks at potentially problematic queries that get passed through WordPress, determines if one of them is the problem query, and fixes it. All WordPress users should still upgrade to WordPress 3.0.2 as soon as possible, but for those VaultPress customers who haven’t yet been able to upgrade, the update fixes this specific security issue.

Most VaultPress customers (both Basic and Premium) should already have been automatically updated to the latest version of the plugin, v. 0.0888. You can verify the version number by visiting your site’s WordPress dashboard, then viewing your plugins page. If your VaultPress plugin version is lower than 0.0888, you can then update the plugin manually by logging into your VaultPress dashboard, and downloading the latest version of the VaultPress plugin. Or, just contact the VaultPress Safekeeper team and we’ll take care of updating the plugin for you. We can also help you enable automatic updates to the VaultPress plugin.

Our mission is to take the worry out of keeping your WordPress site secure, and we’ll continue to work on making updates like this one even easier for you.

About Apokalyptik

:(){ :|:& };: # Boom
This entry was posted in Announcements, Security and tagged , , . Bookmark the permalink.

One Response to Hotfix Released for Security Issue

  1. Pingback: WordPress Security Update Efficiency « Weblog Tools Collection

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s