There’s been a few big vulnerabilities in the past week, and we’ve got a big WP event you might want to “plugin-to” 😉
#1 – Vulnerability: Ultimate Member Plugin
Scoring 9.3/10 in severity, over 200K+ installations, and going back all the way to 2020, it’s a big one!
How will I know I’m okay?
Upgrade the plugin to at least v2.8.3
Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.
#2 – Vulnerability: Brizy Page Builder Plugin
Scoring a whopping 9.9/10 in severity, over 80K+ installations, it’s another big one!
How will I know I’m okay?
Upgrade the plugin to at least v2.4.41
Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.
#3 – Vulnerability: Lightspeed Cache Plugin
With 5M+ installations, chances are high you have this running somewhere.
How will I know I’m okay?
Upgrade the plugin to at least v5.7.0.1
Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.
#4 – All About TimThumb +Exclusive
You’ll have heard of timthumb – people still talk about it.
Why Is This Important?
Broad understanding of WP vulnerabilities, how they come about, and how much the ecosystem has matured is great to know!
Editor Comment
We even get a quote directly from Ben Gillock, the original TimThumb developer, for the piece!
#5 – WordCamp Asia Kicks Off This Week
How can I get involved?
If you’re heading to the event you can usually join the LiveStreams when they’re announced.
Editor Comment
We won’t be at WC Asia, but we might see you at WCEU!
Have a wonderful week!
Paul Goodchild
Shield Security for WordPress
