A researcher out of Germany, Laokoon Security, recently reported a couple of security related issues they uncovered during an audit for one of their clients.
These issues have been resolved in Simple:Press V 6.8.1.
If you’re running any version earlier than this you should upgrade ASAP.
If for some reason you’re still running Version 5.x or 4.x and do not want to upgrade, you should disable Simple:Press.
Only the most recent release of Simple:Press will have the latest security updates and patches.
Additionally, you should update your premium plugins. If you do not have a premium license then you should either purchase a new one or deactivate the older versions you are using.
About Security Updates
Updates that include security fixes are a fact of life for all software. Whether it’s Microsoft, Google or independent software developers such as ourselves, they are part of the software development cycle.
WordPress itself releases multiple security updates every year. The most recent releases (6.0.2 and 6.03) were primarily security related fixes.
Every single month Microsoft ships updates that include security releases.
So, while it may sound ‘bad’ that we have to issue a security related release, you need to worry more about your mission critical plugins that are NOT issuing releases with security fixes.
No development shop is perfect so if your mission-critical plugins aren’t issuing updates with security fixes then they’re either hiding them or not searching for them. (We’re talking about larger plugins, not smaller plugins with limited features.)
As you might expect, we remain committed to stomping out security related issues as they are discovered or reported as well as continuing to improve our ‘security first’ development philosophy.
Did you find this article useful? Or do you use Simple:Press today? If so, please support Simple:Press with a review on WordPress.org. Every review goes a long way towards bringing other users on board!
More From Simple:Press
Simple:Press 6.3.0 is almost ready for release but it needs to be tested on some real-world sites first. If you have a staging site and are a Silver/Gold/Platinum customer please contact us for a beta copy along with updated versions of the plugins and themes. If you’re not using any of our plugins, you can…Read More
Do you have a person? You know, the person you can call on right away when something goes wrong with your WordPress website? If your website brings in a portion of your business revenue, then you need a person. A person who can be available in a few hours, preferably in as little as 60…Read More
So we haven’t been very active on our blog here lately but that doesn’t mean we haven’t been working hard on our Simple:Press Forums plugin. Here are some screen shots of the look-and-feel of the future of the Simple:Press Forums admin dashboard: These changes start to bring the Simple:Press UI in-line with what users expect…Read More