[WordPress Security] High Severity Vulnerability Patched in WP Maintenance Plugin

Check your wordpress plugin folks, make sure everything is updated, your plugin, your themes, and wordpress itself is up to date, auto update enabling if possible. As WordPress are becoming more popular it will also becoming more popular for hackers to target and hack your website anyway they can to compromise your website or your whole web server, so pay close attention to your wordpress folks, if you don’t have to the time to monitor or do maintenance, you can hire someone to do it, if you have a business websites it’s not a lot of money for $50 to $100 a month for a full 24/7 monitoring backup and restore instantly if something goes wrong.

On Tuesday, November 19, 2019, 04:06:17 PM EST, Wordfence [email protected] wrote:

The Wordfence Threat Intelligence team worked with the developer of WP Maintenance, a plugin with over 30,000 installations, to patch high severity vulnerabilities.

This flaw allowed attackers to enable a vulnerable site’s maintenance mode and inject malicious code affecting site visitors. All users of WP Maintenance are advised to update immediately.

Read more on the Wordfence blog.


Chloe Chamberland – Wordfence Threat Analyst

Managing Numerous Sites?
If you’re managing more than one WordPress site, make your life easier with Wordfence Central. All of your sites’ alerts and Wordfence settings can be managed in one place. Try Wordfence Central; it’s free.

If you would like to stop receiving WordPress security alerts and product updates from Wordfence, please use the “unsubscribe” link at the bottom of this email. You subscribed to this list via the Wordfence security plugin for WordPress.

If you aren’t already a member, you can subscribe to our WordPress Security and Product Updates mailing list here. You’re welcome to republish this email in part or in full, provided that you mention that the source is www.wordfence.com. If you would like to get Wordfence for your WordPress website, simply go to your “Plugin” menu, click “add new” and search for “wordfence”.

Defiant, Inc. 800 5th St STE 4100 Seattle WA 98104 United States

You received this email because you are subscribed to Wordfence Security Mailing List from Defiant, Inc..

Update your email preferences to choose the types of emails you receive.

Unsubscribe from all future emails