Category Archives: Security

Fix for the MailPoet Plugin AKA wysija-newsletters

A vulnerability was found in the MailPoet Newsletters WordPress plugin ( known as wysija-newsletters at the WordPress.org plugin repository ). All versions below 2.6.7 of the plugin are vulnerable. We’ve deployed a hot fix to VaultPress sites running the MailPoet … Continue reading

Posted in General, Security | Tagged | Leave a comment

Fix for TimThumb vulnerability

A serious vulnerability was recently discovered in the popular TimThumb script. TimThumb is a tool that is used to manipulate images, and is used by many themes and plugins. This vulnerability may allow users to execute certain malicious commands on affected servers. If you subscribe to … Continue reading

Posted in Security | Leave a comment

Hotfix for All in One SEO Pack plugin

We’ve added a new hotfix to the 1.5.8 version of the VaultPress plugin to address the recent security vulnerability in the All in One SEO Pack plugin. We’ve already pushed out the VaultPress plugin update to customers that have provided us … Continue reading

Posted in General, Security | Leave a comment

All in One SEO Pack vulnerabilities

The web security team at Sucuri recently discovered a couple of vulnerabilities in the popular All in One SEO Pack plugin. If All in One SEO Pack is installed on your self-hosted WordPress site, your site’s security may be at risk, … Continue reading

Posted in Announcements, General, Security | Leave a comment

Automatically secure your site with keys and salts!

WordPress has a lot of excellent security features. One of these features is the ability to specify randomized keys and salts to help keep cookies and form nonces secure. Sadly, there are a lot of WordPress users who miss out … Continue reading

Posted in Announcements, Features, Security | 4 Comments