This is SERIOUS. A critical vulnerability has been found within WordPress’. 10 plugins have errors that allow hackers to create a backdoor in affected sites to make admin accounts which enables them to do malicious actions on the site.
I am happy to report that none of our clients are using the effected plugins, but this is a good example of why you need to keep your WordPress website up-to-date. Update all plugins and core files when they are issued. Also make sure you are doing weekly if not daily updates of your site — just in case.
WordPress powers (as of now) approximately 33%+ of the websites online and it’s only going to grow with the acquisition of Tumblr by Automattic, WordPress’ co-founder Matt Mullenweg’s WordPress based company, which runs WordPress.com (NOT the open-source project WordPress.org).
With all this in mind, setup a regular schedule to update your site’s plugin and core-files (when they’re pushed).
If this is something you’re not comfortable doing? Consider hiring a WordPress agency to do it for you?
Goldstein Media can help! Reach out today!