Security Notice: Nextgen Gallery < 3.2.10 - SQL Injection

We have automatically upgraded the Nextgen Gallery plugin in all applicable WordPress customer accounts.

28º Ago 2019
Security Notice: All-in-One WP Migration <= 6.97 - XSS in admin backend

We have automatically upgraded the All-in-One WP Migration plugin in all applicable WordPress customer accounts.

19º Lug 2019
Security Notice: File Manager <= 4.8 - Multiple Vulnerabilities

We have automatically upgraded the File Manager plugin in all applicable WordPress customer accounts.

11º Lug 2019
Security Notice: Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS

We have automatically upgraded Yoast SEO / Premium in all applicable WordPress customer accounts.

11º Lug 2019
Security Notice: WooCommerce <= 3.6.4 - Cross-Site Request Forgery (CSRF) & File Type Check

We have automatically upgraded WooCommerce to 3.6.5 in all applicable WordPress customer accounts.

8º Lug 2019
Security Notice: WordPress Plugin - Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation

A privilege escalation vulnerability has been found in Contact Form 7 5.0.3 and older versions. See https://wpvulndb.com/vulnerabilities/9127 for more information on this vulnerability. We have automatically upgraded all applicable WordPress customer accounts.

13º Sep 2018
Security Notice: WordPress Plugin - WooCommerce <= 3.4.4 - Potential Object Injection

According to WooCommerce: "Versions 3.4.4 and earlier are affected by an issue where a function that updates attributes could lead to object injection. This is related to the WordPress 4.8.3 security release." We have automatically upgraded WooCommerce to 3.4.5 in all applicable WordPress customer accounts.

31º Ago 2018
.nz Domain Name Registry Changes

There are some recent changes by the .nz domain name registry to improve security of the domain name space, compliance with GDPR (Privacy for European citizens no matter where they reside). For information, see https://dnc.org.nz/sites/default/files/2018-04/DNC%20Newsletter%20April%202018_0.pdf.

3º Mag 2018
Security Notice: WordPress Plugin - WP Retina 2x <= 5.2.0 vulnerable to Cross-Site Scripting (XSS)

WP Retina 2x <= 5.2.0 is vulnerable to a Cross-Site Scripting (XSS) attack. We have automatically upgraded all applicable WordPress customer accounts.

13º Mar 2018
WordPress Instances stuck on version 4.9.3

As advised by the WordFence team, WordPress 4.9.3 was released earlier this week and unfortunately it broke the auto-update mechanism in WordPress. Sites running 4.9.2 were auto-updated to 4.9.3 and will no longer be auto-updated unless you perform a manual update.  Due to the security related risks, we may manually update any installations that ... Espandi »

9º Feb 2018