A researcher out of Germany, Laokoon Security, recently reported a couple of security related issues they uncovered during an audit for one of their clients.
These issues have been resolved in Simple:Press V 6.8.1.
If you’re running any version earlier than this you should upgrade ASAP.
If for some reason you’re still running Version 5.x or 4.x and do not want to upgrade, you should disable Simple:Press.
Only the most recent release of Simple:Press will have the latest security updates and patches.
Additionally, you should update your premium plugins. If you do not have a premium license then you should either purchase a new one or deactivate the older versions you are using.
About Security Updates
Updates that include security fixes are a fact of life for all software. Whether it’s Microsoft, Google or independent software developers such as ourselves, they are part of the software development cycle.
WordPress itself releases multiple security updates every year. The most recent releases (6.0.2 and 6.03) were primarily security related fixes.
Every single month Microsoft ships updates that include security releases.
So, while it may sound ‘bad’ that we have to issue a security related release, you need to worry more about your mission critical plugins that are NOT issuing releases with security fixes.
No development shop is perfect so if your mission-critical plugins aren’t issuing updates with security fixes then they’re either hiding them or not searching for them. (We’re talking about larger plugins, not smaller plugins with limited features.)
As you might expect, we remain committed to stomping out security related issues as they are discovered or reported as well as continuing to improve our ‘security first’ development philosophy.
Did you find this article useful? Or do you use Simple:Press today? If so, please support Simple:Press with a review on WordPress.org. Every review goes a long way towards bringing other users on board!
More From Simple:Press
A researcher out of Germany, Laokoon Security, recently reported a couple of security related issues they uncovered during an audit for one of their clients. These issues have been resolved in Simple:Press V 6.8.1. If you’re running any version earlier than this you should upgrade ASAP. If for some reason you’re still running Version 5.x…Read More
WordPress 5.9 is the gift that keeps on giving… This time around we’ve had to patch the drag-and-drop JS component in it to make it compatible. Upgrade to Simple:Press 6.6.6 to get the fix. The update should be in your WordPress automatic updates page. We’ve tested the fix with WP 5.8 and 5.9 but not…Read More
WordPress 5.9 introduced a new type of theme – the Full Site Editing theme where all components of the theme (including headers and footers) are blocks. This is a radical change to WordPress themes. But, the good news for Simple:Press is that we can still work with these new themes with a couple of minor…Read More
Simple:Press forums 6.6.x was released a few months ago and since then we have pushed a number of minor releases to tweak some things. These are the changes that were made: 6.6.3 Tweak Add a new overlay to the default 2020 theme to match the WP 2021 theme. The new overlay is the default on…Read More