On 2nd March, iThemes, the company behind plugins such as iThemes Security, announced that it's been discovered that over 400 plugins and 25 themes were using as insecure version of the Freemius Framework, which could affecting the security of thousands of Wordpress websites. - Not sure what all this means? Let's break it down!
[Edit: 5th March 22]
Following Freemius reaching out to us via Twitter we are pleased to include a link to their full disclosure on this security issue: https://freemius.com/blog/managing-security-issues-open-source-freemius-sdk-security-disclosure/
Is Your Site Affected?
Let's cut to the chase! You're not really interested in the hows and whys, you want to know if your site is in danger. Anyone who has a support package with Ampersand Studio is safe! Thankfully our friends at iThemes have listed the plugins and themes that have been affected and whether a fix is available or not - https://ithemes.com/blog/wordpress-vulnerability-report-march-2-2022/#400-plugins-themes-impacted-by-insecure-freemius-version. Check the list of plugins and themes your site uses and make sure you have the most up to date versions available. Where a fix is unknown, consider changing to an alternative, where possible.
If you'd like help in identifying if your site is at risk we can offer a one off or monthly maintenance service to ensure your Wordpress site is kept up to date and reduce the risk of these vulnerabilities damaging your reputation. Call us today on 01295 533544 and see how we can help.
£50.00 – £60.00 excl. VAT
Want to Know More?
If you have some unanswered questions still, hopefully you'll find the answer below, otherwise feel free to give us a call or send us a message and we'd be happy to discuss it with you.
They also monitor plugins and themes for vulnerabilities and have been instrumental in notifying webmasters of the possible dangers that have been found.