COVID-19 Special Announcement

Create Hosting is considered an essential business in New Zealand, and is a critical supplier to a wide range of sectors. We will continue to remain open for business, and we aim to provide uninterrupted service to our customers throughout the Level 4 lockdown.  During this time, staff will be working remotely and/or from home and the way in ... Davamını oxu »

30th Mar 2020
Security Notice: Jetpack 5.1-7.9 - Vulnerability in Shortcode Embed Code

We have automatically upgraded the Jetpack plugin in all applicable WordPress customer accounts.

21st Nov 2019
Security Notice: Multiple WordPress plugins vulnerable to HTML injection.

Multiple plugins used to convert WordPress default plain text emails to HTML format are found to be vulnerable to HTML injection.  We have automatically updated plugins in all applicable WordPress customer accounts. Affected versions:

Email Templates <1.3.1
WP HTML Mail – Email Designer <2.9.1
WP Email Template <2.2.11

25th Oct 2019
Security Notice: Nextgen Gallery < 3.2.10 - SQL Injection

We have automatically upgraded the Nextgen Gallery plugin in all applicable WordPress customer accounts.

28th Aug 2019
Security Notice: All-in-One WP Migration <= 6.97 - XSS in admin backend

We have automatically upgraded the All-in-One WP Migration plugin in all applicable WordPress customer accounts.

19th Jul 2019
Security Notice: File Manager <= 4.8 - Multiple Vulnerabilities

We have automatically upgraded the File Manager plugin in all applicable WordPress customer accounts.

11th Jul 2019
Security Notice: Yoast SEO 1.2.0-11.5 - Authenticated Stored XSS

We have automatically upgraded Yoast SEO / Premium in all applicable WordPress customer accounts.

11th Jul 2019
Security Notice: WooCommerce <= 3.6.4 - Cross-Site Request Forgery (CSRF) & File Type Check

We have automatically upgraded WooCommerce to 3.6.5 in all applicable WordPress customer accounts.

8th Jul 2019
Security Notice: WordPress Plugin - Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation

A privilege escalation vulnerability has been found in Contact Form 7 5.0.3 and older versions. See https://wpvulndb.com/vulnerabilities/9127 for more information on this vulnerability. We have automatically upgraded all applicable WordPress customer accounts.

13th Sep 2018
Security Notice: WordPress Plugin - WooCommerce <= 3.4.4 - Potential Object Injection

According to WooCommerce: "Versions 3.4.4 and earlier are affected by an issue where a function that updates attributes could lead to object injection. This is related to the WordPress 4.8.3 security release." We have automatically upgraded WooCommerce to 3.4.5 in all applicable WordPress customer accounts.

31st Aug 2018