A new security alert reporting a WP Super Cache vulnerability has been reported. This is a serious security flaw and requires an immediate update of this popular plugin. The plugin code has been patched to correct the problem. Please update to version 1.4.4.
A Google Analytics by Yoast security update has been released. Yoast announced the update as soon as the problem was discovered and fixed. If you are using Google Analytics by Yoast on your WordPress site, please update ASAP to the latest version.
The following WordPress plugin security alerts have been issued within the past week: WordPress SEO by Yoast and Woocommerce. Both are extremely popular plugins having been downloaded millions of times and therefore provide millions of opportunities to exploit the security flaws found in both plugins.
A Gravity Forms security vulnerability has been reported. If you are using Gravity Forms, update immediately to the latest version 1.8.20. The security flaw in older versions allows anyone to upload any type of file to the server.
If you're a customer of iThemes you're already aware that there has been an attack on their administrative systems. If you're not aware of the iThemes hack, you need to be. Despite the increasingly routine nature of these attacks and the subsequent breathless reporting on them in the media, which serves mainly to desensitize viewers, IMO, it's important to know that there are different types of hacks with varying results.