Do you use Sitepress’s Multilingual CMS plugin? If yes, this post could be very useful to you. A vulnerability was found recently in this plugin that can compromise your entire site. The vulnerability exposes your site to an SQL injection attack that’ll allow hackers to access your database. The issue has been fixed in version 3.1.6. Unfortunately this plugin doesn’t allow automatic updates from the WordPress dashboard and thus requires a manual upgrade. This leaves a lot of sites open for attack as many people may easily miss the update to the change log. So if you haven’t upgraded the plugin yet, do it now!
The blogVault team scanned its customer sites for the vulnerable plugin and found over 99 sites that are susceptible to an SQL injection attack. We have notified all of them to upgrade their plugin immediately. This is, of course, restricted to our customers. Our service is unlike any other backup plugin that is available today. Sign up for blogVault to avail the benefits of the best backup service for your site.