Plugin Vulnerability

Please note: This post is a year or more old. Consequently, its content may have changed, gone out of date or broken, my opinions may have changed, or it may now be just plain wrong. If you have any questions, concerns or issues with this content, please feel free to send me an email, including the link and the issue you're experiencing.

Thank you.

-- Nathan

If you’re one of the 200,000+ users/clients of the ThemeGrill plugin, you should update yesterday.

Plugin vulnerabilities are not a new thing. The only novel thing about this one is the number of affected sites. It’d be like Akismet having a major remote control exploit. You can mitigate these issues by making sure your plugins are up to date. WordPress is not particularly hard to manage. There are lots of plugins and services that make it brainless (shoutout: Jetpack). So, this should be a non-issue.

While we’re talking about plugin vulnerabilities, you should go visit Marko Saric’s guide on securing your WordPress install. Lots of good advice in there. I personally like using Jetpack (with Akismet and VaultPress), but there are lots of free tools that you can use to secure yourself.