ShieldNOTES Ep#6: Your Monday Morning Security Notes

March 25, 2024 by Paul G. | Security, ShieldNOTES

It’s been another quiet week, so just a few items this morning that we think you should know about.

#1 – XSS Vulnerability: Post SMTP Mailer Plugin

With 400K+ installs, you’re probably running it somewhere…

How will I know I’m okay?
Upgrade the plugin to v2.8.7+

What’s the risk?
Unauthenticated XSS: 7.1/10 severity.

Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.

More Info →

#2 – XSS Vulnerability: Rank Math SEO Plugin

With 2M+ installs, chances are good you’re running it somewhere…

How will I know I’m okay?
Upgrade the plugin to v1.0.215+

What’s the risk?
Not a major risk, but worth upgrading: 6.5/10 severity.

Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.

More Info →

#3 – WordPress 6.5 Imminent: Tomorrow

WP 6.5 is due out tomorrow. There’s a lot in this one.

What’s New?
See here for a full breakdown of everything new.

Editor Comment
We particularly like the new Font Library feature.

More Info →

#4 – ShieldPRO 19.1 Imminent: Today!

We’re putting the final touches to ShieldPRO 19.1. It’ll be released by the time you read this email, or shortly after.

What’s New?
Instant Alerts feature – get instant email alerts for critical events and discoveries on your site.

Editor Comment
As always you can check out the changelog for details.

More Info →

Thanks for reading, and have a fab week!

Paul Goodchild
Shield Security for WordPress

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials

@wpcodelearner

Really Excellent !

It offer more than you expect from a security plugin. What other should you want?

@momadeedae

Very good

Thorough but easy to use.

@ildewriter

Brilliant Plugin

Underrated yet so powerful. Tremendous job guys.

@shiyashamsu

The security expert !!

I was tired of blocking automated login attempts and bruteforce attacks. When IP blocking/locking out is not effective when IP spoofing attacks takes place, Simple Security Firewall has its options to block these kind of automated attacks. I love it !!

Leave a Comment Cancel reply

Author

Paul Goodchild is the founder and CEO of Shield Security for WordPress – a best-in-class security plugin for the protection of critical WordPress-based websites and businesses.

Paul focuses on security features that deliver realworld results for client through the prevention of security breaches before they can happen. Prevention is preferrable over busy-security-work that sees you putting out fires and cleaning up your sites after an infection has taken hold.

Paul maintains that while a security plugin for WordPress is absolutely crucial, “security” is a practice and must involve your entire website and WordPress hosting environment, including your own local device security and security hygiene.

View Profile

Main Sections

#1 – XSS Vulnerability: Post SMTP Mailer Plugin
#2 – XSS Vulnerability: Rank Math SEO Plugin
#3 – WordPress 6.5 Imminent: Tomorrow
#4 – ShieldPRO 19.1 Imminent: Today!

ESSENTIAL WORDPRESS SECURITY NEWS

Get ShieldNOTES, our excellent weekly WordPress security newsletter!

ShieldNOTES Ep#6: Your Monday Morning Security Notes

#1 – XSS Vulnerability: Post SMTP Mailer Plugin

#2 – XSS Vulnerability: Rank Math SEO Plugin

#3 – WordPress 6.5 Imminent: Tomorrow

#4 – ShieldPRO 19.1 Imminent: Today!

Really Excellent !

Very good

Brilliant Plugin

The security expert !!

Leave a Comment Cancel reply

Related Stories

ShieldNOTES Ep#21: New Supply Chain Attack; Elementor Addon & WP Google Map Vulnerabilities; Hacker Security Guide

ShieldNOTES Ep#14: ACF & JetPack Vulnerabilities, Japanese Keyword Hack from our Blog, & SSH Security

ShieldNOTES Ep#20: WP.org Supply Chain Attack; ACF & CF7 Vulnerabilities; Password Security

ESSENTIAL WORDPRESS SECURITY NEWS