Wordfence has just announced they have found a significant vulnerability with the OptinMonster plugin. They say that over 1,000,000 WordPress sites have been affected. The main threats include:
- Any site visitors are able to export sensitive information
- Any site visitors are able to add malicious JavaScript
Wordfence made OptinMonster aware of their findings and their team immediately released a patch solving the issues.
If you are an OptinMonster user, you should verify that your plugin has been updated to version 2.6.5 as soon as possible.
We here at WP Harbor monitors resources like Wordfence to ensure we are doing everything we can to protect our clients. One of the benefits of hosting with WP Harbor is that we regularly update plugins and themes for all of our sites. Most updates are security patches and our sites get the latest versions in a timely manner. In the event your site is hacked, we remove all malicious code at not cost to our clients. It’s included!
Again, if you use OptinMonster, you need to check and make sure you have the latest version (2.6.5 or higher). If you don’t know how to update your plugins or could use assistance, let us know! We’d be happy to help. You can book a call with out Owner and Founder, Chad Lawie.