We sent out emails with the following text to a set of our clients:
Hello,
We are writing to let you know about a recently-disclosed vulnerability in one of the WordPress plugins installed on your website – “Profile Builder”.
You can find more information here:
https://wpscan.com/vulnerability/c142e738-bc4b-4058-a03e-1be6fca47207
Due to the severity of the vulnerability and their high potential impact, we proactively upgraded the plugin on your website to the latest stable version provided by the vendor to protect your website from hacking attacks. The vulnerabilities are already being exploited in the wild, so it was only a matter of time before a hack attempt was made against your website as well. Since we have already proactively upgraded the plugin, your website should be protected.
Please check if there are any issues with the functionality of your website after this upgrade and let us know if you notice any issues.
If you have any questions or need assistance, please do not hesitate to contact us at any time.
That’s how security with CiviHosting works — proactively.