‘Twas two nights before New Year’s Eve, when all through the house, not a creature was stirring, not even a mouse. That rustling sound you kept hearing was actually the VaultPress Safekeepers, busily protecting all the WordPress sites under our care.
Today we released a hotfix via the VaultPress plugin that closes a recently identified security issue in WordPress. WordPress 3.0.4, released on December 29, fixes a core security bug in the WordPress HTML sanitation library, called KSES.
For VaultPress customers who haven’t yet been able to update WordPress to 3.0.4, the hotfix we’ve released will keep your site protected from this security issue. You should still update WordPress to 3.0.4 as soon as possible.
Both Basic and Premium VaultPress customers should already have been automatically updated to the latest version of the plugin, v. 0.0895. You can verify the version number by visiting your site’s WordPress dashboard, then viewing your plugins page. If your VaultPress plugin version is lower than 0.0895, you can then update the plugin manually by logging into your VaultPress dashboard, and downloading the latest version of the VaultPress plugin. Or, just contact the VaultPress Safekeeper team and we’ll take care of updating the plugin for you. We can also help you enable automatic updates to the VaultPress plugin.
Even if you’re offline for the holidays and can’t upgrade to the latest version of WordPress, rest soundly knowing your site’s protected with VaultPress.