Attention WordPress website owners! A high-severity security flaw has been discovered in the widely-used UpdraftPlus plugin, a tool trusted by over 3 million websites for backups and migrations.
This vulnerability could let hackers exploit your site without logging in, potentially leading to unauthorized changes or access. It’s critical to check if you’re using UpdraftPlus and ensure it’s updated to the latest secure version. All releases of the plugin prior to 1.24.12 (or 2.4.12 for the premium version) are vulnerable.
What Should You Do?
- Log in to your WordPress dashboard.
- Navigate to Plugins > Installed Plugins and find UpdraftPlus.
- Update it to the latest version immediately.
Regular updates and backups protect your site from vulnerabilities like this. Stay safe by keeping all your plugins up to date and considering extra security measures.
For more details, visit the original story at Search Engine Journal.
Are Our Clients Affected?
We deploy the paid premium version of UpdraftPlus on almost all our clients’ websites – at no extra charge – to handle reliable offsite backups. Our clients do not need to worry about this vulnerability since your site has already been updated as part of our standard WordPress maintenance service.