A researcher out of Germany, Laokoon Security, recently reported a couple of security related issues they uncovered during an audit for one of their clients.
These issues have been resolved in Simple:Press V 6.8.1.
If you’re running any version earlier than this you should upgrade ASAP.
If for some reason you’re still running Version 5.x or 4.x and do not want to upgrade, you should disable Simple:Press.
Only the most recent release of Simple:Press will have the latest security updates and patches.
Additionally, you should update your premium plugins. If you do not have a premium license then you should either purchase a new one or deactivate the older versions you are using.
About Security Updates
Updates that include security fixes are a fact of life for all software. Whether it’s Microsoft, Google or independent software developers such as ourselves, they are part of the software development cycle.
WordPress itself releases multiple security updates every year. The most recent releases (6.0.2 and 6.03) were primarily security related fixes.
Every single month Microsoft ships updates that include security releases.
So, while it may sound ‘bad’ that we have to issue a security related release, you need to worry more about your mission critical plugins that are NOT issuing releases with security fixes.
No development shop is perfect so if your mission-critical plugins aren’t issuing updates with security fixes then they’re either hiding them or not searching for them. (We’re talking about larger plugins, not smaller plugins with limited features.)
As you might expect, we remain committed to stomping out security related issues as they are discovered or reported as well as continuing to improve our ‘security first’ development philosophy.
Did you find this article useful? Or do you use Simple:Press today? If so, please support Simple:Press with a review on WordPress.org. Every review goes a long way towards bringing other users on board!
More From Simple:Press
A few days ago we moved our site from Liquid Web to our new FireupWP and WPCloudDeploy project platform. This new platform allows us to use dedicated cloud VMs from places like Digital Ocean, Linode and Vultr. We pay the cost of the VMs with no markup which provides huge savings over regular hosts. We…Read More
A new default theme is coming to Simple:Press Forums with the release of Simple:Press Forums 6.5.0. Features of this theme: More modern looking with larger default font sizes and button sizes. Less use of tiny icons More color customization options Better display on mobile More white space Just like our previous default theme, Barebones, you…Read More