ESC! Tech News
We want to help ensure it’s the best it can be.
WordPress 6.0 “Arturo” Released
Inspired by Grammy-winning jazz musician, Arturo O’Farrill, WordPress 6.0 was released on May 24th. Though the focus continues to be on Full Site Editing (FSE), there are many other features under the hood that may benefit ESC! Technologies Group's clients even if FSE...
Older Posts
WordPress Security: WordPress 4.2.3 Released to Address Critical Security Issue
WordPress 4.2.3 was released today to patch a critical cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability. If...
WordPress Security: WooCommerce Vulnerability
WordPress Plugins A serious vulnerability has been discovered in the extremely popular e-commerce plugin for WordPress, "WooCommerce". If left unpatched, a WordPress installation utilizing version 2.3.5 or earlier could be vulnerable to a SQL injection attack that...
WordPress Security: WordPress SEO by Yoast Vulnerability
WordPress Plugins A serious vulnerability has been discovered in the WordPress plugin "WordPress SEO by Yoast". If left unpatched, a WordPress installation utilizing version 1.7.3 or earlier (see all patched versions below) could be vulnerable to a SQL injection...
WordPress Security: MainWP Child Vulnerability
WordPress Plugins A privilege escalation vulnerability has been discovered in the WordPress plugin "MainWP Child". MainWP Child is a plugin that works in conjunction with the WordPress management plugin, MainWP, to allow remote administration of WordPress-based...
WordPress Security: Zero-Day Vulnerability in “FancyBox for WordPress”
WordPress Plugins A zero-day vulnerability has been discovered in the WordPress plugin "Fancy Box for WordPress". If left unpatched, a WordPress installation utilizing version 3.0.3 or earlier could allow an attacker to install malware or other malicious content on...
Tech!Alert: Zero-Day Vulnerability Discovered in Adobe Flash Player
Adobe released a critical update to its Flash Player plugin version 16.0.0.296 and earlier that patches a zero-day vulnerability which could allow an attacker to take control of an affected system.
Adobe released a patch for the flaw on February 4th which will be sent to all desktop installs of Flash Player that have auto-update enabled and they expect to release a manually installable update no later than February 5th.
WordPress 4.1 “Dinah” Released!
Named for Jazz Singer, Dinah Washington, WordPress 4.1 was released today and brings with it a number of features focused specifically on the writing experience. All ESC! Technologies Group clients who subscribe to one of our WordPress Maintenance plans will be...
WordPress Security: Slider Revolution *update*
WordPress Plugins Another round of warnings have been issued by blogs and hosting companies alike about the Slider Revolution plugin by ThemePunch. Mostly, these new warnings are simply a reminder to those who didn't heed the alerts issued in September that they'd...
WordPress Security: WordPress 4.0.1 Critical Security Patch Released
WordPress 4.0.1 was released today to patch a critical cross-site scripting vulnerability, which could enable anonymous users to compromise your site. WordPress versions 3.9.2 and earlier are affected. If you've not yet done so, you should back up your site &...
WordPress Security: Paid Memberships Pro Critical Update
WordPress Plugins A critical vulnerability has been discovered in the memberships plugin for WordPress called Paid Memberships Pro (aka PMPro). If left unpatched, a WordPress installation utilizing a version of Paid Memberships Pro prior to 1.7.15 could allow an...