WP-Super-Cache - Critical Vulnerability, Be sure to upgrade

13
2.9K followers
Updated

As many as 1 million sites imperiled by dangerous bug in WordPress plugin

As many as a million websites could be imperiled by a critical vulnerability recently discovered in WP-Super-Cache, a WordPress plugin that generates static HTML files from dynamic WordPress blogs.

The persistent cross-site scripting bug allows attackers to insert malicious code into WordPress-published pages that use the extension, according to a blog post published Tuesday by security firm Sucuri. Anyone who relies on the plug in should immediately upgrade to version 1.4.4, which has fixes for that bug and several others.

<snip>

Full article: http://arstechnica.com/security/2015/04/as-many-as-1-million-sites-imperiled-by-dangerous-bug-in-wordpress-plugin

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training

Recent Comments

16

Thanks for the heads up Bob! :)

Don't you mean version 4.1.1?

The 1.4.4 version is what's listed in the article. If the plugin is already at a 4.0 or 4.1 level, that must be a typo. Since I don't have that particular plugin installed, I'm just going by what the article said.

Thanks Bob. I think I was confusing it with another number.

That's totally understandable given the number of different plugins at various version numbers. :=) I just confirmed that the latest version is 1.4.4 as it's listed in the article. (I should have done that in response to your previous comment.)

Thanks for sharing

Thanks for sharing Bob. I've disabled the plugin on my websites because it interferes with my ability to see the changes I make (in real time). ~Marion

As long as you have the plugin disabled, I don't think that your sites are exposed to this vulnerabilty. (Not 100% certain on that.) You may want to update it anyway just in case you do want to reenable it in the future.

I am a bit surprised, though, that the plugin keeps you from seeing changes as you're making them in your admin area. I would have expected that the cache would be cleared whenever you update a post or page.

I should have written in the past tense. I haven't checked it recently because of previous problems.

Thank you for the warning! :)

Thanks Bob mine has been updated

Barry

Thanks Bob

Thank you Bob. What would we do without WA family like you. Blessings.....
Shirley

Thanks!

Thank you for the useful info Bob

See more comments

Login
Create Your Free Wealthy Affiliate Account Today!
icon
4-Steps to Success Class
icon
One Profit Ready Website
icon
Market Research & Analysis Tools
icon
Millionaire Mentorship
icon
Core “Business Start Up” Training