WordPress’ Caching Major Security Risk


This morning a major WordPress secuirty risk was uncovered involving two of the most widely used WordPress caching plugins.

The security hole allows for execution of code directly on your host server which, in-turn, allows hackers to access to alter, modify or delete files on the server. An attacker can also grant themselves access to read your WordPress database giving them the ability, among other things, to add or modify users and download user information.

Anyone currenty running WP Super Cache or WPTC Total Cache are advised to update both plugins IMMEDIATELY to avoid any potential downtime.

To update the plugin goto your admin dashboard, click plugins, scroll to the plugin you have installed and click update now.

You can read more about this on the Sucuri forums.

About the author

Bart Dabek

Bart Dabek

Bart lingers in the shadows of WordPress. He specializes in creating, managing and optimizing complex, high performance WordPress websites.