FindMyHost

Web Hosting News

AHosting Warns WordPress Users To Immediately Update Super Cache Plugin

April 13
12:46 2015

Hudson, FL – AHosting, a provider of premium WordPress hosting, has advised all users of the popular WP Super Cache plugin to update immediately. A vulnerability in the plugin was recently discovered by Sucuri. It could allow malicious third parties to inject arbitrary code into a WordPress site to create admin accounts and insert backdoors.

WordPress sites using versions of the plugin older than 1.4.4 — which was released to patch the vulnerability — are at risk. WP Super Cache is an extremely popular solution for WordPress performance optimization. It substantially improves performance by caching pages — essentially turning them into static pages that load more quickly than WordPress’s default dynamically generated pages.


“WP Super Cache is used by over a million WordPress publishers and bloggers, including hundreds that use our hosting platform,” commented Daniel Page, Director of Business Development at AHosting, Inc., “We want to ensure that as many WordPress users as possible are informed about the pressing risk the recently discovered XSS vulnerability poses. Users of WP Super Cache should update to version 1.4.4 or later as soon as possible.”

The vulnerability is a result of the way WP Super Cache manages the file it uses to to decide which cached files to load. Using a cross-site scripting attack, whereby an authenticated administrator is influenced to load a specifically created web page, attackers may be able to insert arbitrary scripts into this file. Those scripts could be used to carry out any number of actions against a site, essentially leaving it open to takeover by the attacker.

This vulnerability highlights the importance of keeping content management systems up-to-date. All complex software, including WordPress plugins, may exhibit unpredictable behaviour because of coding and design errors. Some of those behaviours will cause exploitable vulnerabilities. WP Super Cache was immediately updated to fix the vulnerability when it was discovered. The only way to get the fix is to update. WordPress and other content management system users should be vigilant and ensure that they run the newest versions of both their CMS and associated plugins.

About AHosting:
AHosting is a managed web hosting provider with facilities in Orlando, FL, and Detroit, MI, owned and operated by AHosting, Inc., supplying hosting services that are truly beyond imagination. Since 2002, AHosting has established one of the web’s premier solutions for CMS hosting, reseller web hosting, multiple IP hosting, dedicated servers, and VPS hosting. For more information, visit www.ahosting.net.

Research, evaluate and learn more about shared web Hosting at FindMyHost.com.

About Author

FindMyHost Editor

FindMyHost Editor

The 'Web Hosting Blog' at FindMyHost.com was established to provide the web hosting industry with the very latest in news, technology, interviews, event information and more. About FindMyHost.com: Launched in January 2001 to protect Web Host Consumers and Web Developers from making the wrong choice when choosing a Web host. FindMyHost.com showcases a selection of web hosting companies who have undergone our Approved Host program testing and provides reviews from customers.

Related Articles

0 Comments

No Comments Yet!

There are no comments at the moment, do you want to add one?

Write a comment

Write a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Special Offers: