There have been a couple of WordPress-related vulnerabilities in the news this week. I say WordPress-related because they are not issues with WordPress core but with specific plugins or themes that are used on a WordPress site.
CU*Answers Web Services tracks these vulnerabilities through several methods including mailing list subscriptions and automated scans of all of our WordPress sites. WordPress core and plugin updates are automatically applied every Sunday night to keep all sites current and secure. In addition, when we see serious vulnerabilities (like the ones announced yesterday) we can deploy updates immediately.
It’s worth noting that no sites on our hosting environment were using vulnerable versions of this theme or plugin. Likely due to our weekly updates. Nevertheless, Web Services team did verify with our scans that these plugins and themes were up to date.
In short, I would like to remind you that CU*Answers Web Services is actively working to keep all our websites and servers secured and protected. For a review of some of the systems and process in place, please see this previous post from 2018 that still holds true today.