iThemes Security: Critical Security Release

iThemes have released an important security fix for their iThemes Security Plugin.

This release fixes an XSS issue, which allowed potentially dangerous JavaScript to be executed while viewing the iThemes Security 404 error logs.

iThemes have backported the security fix to past versions, releasing a patched version of every minor version dating back to 3.2.

In order to protect your site, we recommend that you check if your site is running a vulnerable version of iThemes Security, and upgrade it immediately to a safe version. You can do so from the “Updates” page in your WordPress dashboard.

We have attempted to push an update to all websites on VaultPress, upgrading them to the safe release of the minor version they were already using. However, we were unable to update some websites due to permission issues.

We have emailed all VaultPress customers whose sites have not been successfully updated.

As always, if you have any questions or need help, drop us a message!

This entry was posted in General, Security. Bookmark the permalink.

One Response to iThemes Security: Critical Security Release

  1. Pingback: Please update to Wordpress 4.2.1 | LetsBSocial

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s