The Social Warfare WordPress plugin has a known vulnerability for all versions prior to 3.5.2. You can see full details on the Unauthenticated Arbitrary Settings Update page at wpvulndb.com.

We found today that one of our clients was running version 3.2.2 and their site was thus exposed to this risk.

We checked that the backups were running correctly (just in case), upgraded that for them and then contacted them to inform them of what we did.

We are here to help keep our clients’ sites secure.

Leave a Reply

Your email address will not be published.