Popular AMP for WordPress Plugin Patches Critical Security Flaw

The high AMP plugin for WordPress, AMP for WP, has launched a patch for a crucial safety vulnerability.

AMP for WP, which presently has 100,000+ downloads, was pulled from the official WordPress.org plugins part final month.

It has since reappeared as of final week.

The developer says the explanation it was pulled was as a consequence of a safety stream that “could be exploited by non-admins of the site.”

That sort of flaw means non-admins might manipulate the plugin settings to position adverts, add customized HTML in header or footer, or insert javascript malware.

Downloading the Patch

If you’re one of many many WordPress customers with this plugin put in it’s beneficial that you just obtain the patch.

Applying the patch is so simple as updating the plugin out of your WordPress dashboard.

If you’ve got computerized updates turned on then your plugin could already by patched. Otherwise you’ll have to replace the plugin manually.

Subscribe to SEJ

Get our each day publication from SEJ’s Founder Loren Baker concerning the newest information within the trade!


Tags: , , , , , , ,