Today, we released an update to the VaultPress plugin (1.3.4) to protect against recently identified security vulnerabilities in WordPress. You can read more about those vulnerabilities and the release of WordPress 3.4.1 here.
To be proactive, we pushed version 1.3.4 of the VaultPress plugin to all sites for which we have credentials. Those sites are now protected against the vulnerabilities and we sent customers a note just to let them know we’ve taken action and that their site is safe.
We’ve notified all site owners if we were not able to update their plugin to close the vulnerabilities. If you received a notice, please download version 1.3.4 of the plugin and install it to protect your site. Better yet, enter your site’s FTP credentials in the VaultPress dashboard. In your dashboard, click Configure FTP, MySQL, & SSH to enter the FTP credentials. When you’ve got that done, send us a note and we’ll update your plugin for you. Providing your FTP credentials will allow us to push VaultPress plugin updates to your site automatically, which will keep your site protected against known vulnerabilities.
Remember, to keep your site secure, keep WordPress, your plugins, and themes up-to-date. All users accessing your WordPress admin area should use strong passwords and make sure you delete plugins and themes that you’re no longer using.
Learn more about how VaultPress can protect your content, theme, plugin, and site settings and customizations. Contact us with questions, or sign up to protect your site.