wrench to illustrate need to tighten security for website by patching magento and updating wordpress plugins

Security alert: Update WordPress Plugins and Magento software

Industry NewsCategory
1 min read
Todd Redfoot

If your website uses WordPress plugins or Magento e-commerce software, you might need to perform updates to protect your site from several major security vulnerabilities, following security alerts from WordPress.org and Check Point.

Multiple WordPress plugins are now vulnerable to Cross-Site Scripting (XSS) due the misuse of the add_query_arg() and remove_query_arg() functions. These functions are used in multiple plugins, so you should update all outdated plugins within your wp-admin dashboard.

The second major vulnerability, which is related to Magento e-commerce software, allows for Remote Command Execution on any site that is running an outdated version of Magento. We strongly suggest that you install the latest patches for Magento.

How to update WordPress plugins and Magento software

For help updating vulnerable WordPress plugins, please see “Managing Plugins.”

To patch Magento, check out these instructions.

Also, check out our Magento Web Hosting offering.