Popular AMP for WordPress Plugin Patches Critical Security Flaw by @MattGSouthern

The top AMP plugin for WordPress, AMP for WP, has released a released a patch for a critical security vulnerability.

AMP for WP, which currently has 100,000+ downloads, was pulled from the official WordPress.org plugins section last month.

It has since reappeared as of last week.

The developer says the reason it was pulled was due to a security flow that “could be exploited by non-admins of the site.”

That type of flaw means non-admins could manipulate the plugin settings to place ads, add custom HTML in header or footer, or insert javascript malware.

Downloading the Patch

If you’re one of the many WordPress users with this plugin installed it’s recommended that you download the patch.

Applying the patch is as simple as updating the plugin from your WordPress dashboard.

If you have automatic updates turned on then your plugin may already by patched. Otherwise you will have to update the plugin manually.

Subscribe to SEJ

Get our daily newsletter from SEJ’s Founder Loren Baker about the latest news in the industry!

Sagie

Share
Published by
Sagie

Recent Posts

5 of the Best Ecommerce Tools Every Merchant Needs by @shane_barker

Ecommerce sales in 2018 have, so far, exceeded $500 billion in the U.S. alone. With the increasing use of smartphones… Read More

November 21, 2018 8:48 pm

Google Ads Brings Merchant Promotions to Shopping Actions by @MattGSouthern

Google Ads is bringing its Merchant Promotions program to Shopping Actions for retailers. This integration allows online retailers to add… Read More

November 21, 2018 4:48 pm

How SEO & PPC Keyword Research Can Work Together by @TaylorDanRW

A well-orchestrated PPC campaign can benefit a good SEO campaign, as Sergey Grybniak explores in How to Combine SEO &… Read More

November 21, 2018 8:38 am

3 Social Media Tools to Jumpstart Your Influencer Marketing

Social Media Marketing Industry Report In our 10th annual social media study (44 pages, 70+ charts) of 5700+ marketers, you'll… Read More

November 21, 2018 6:28 am

Digital Extortion: Don’t Let Your Data Be Held Hostage by @tonynwright

Recently, our firm took over the digital marketing efforts for a small company. Their previous digital marketing efforts were led… Read More

November 20, 2018 8:18 pm

How to Analyze Audience Performance with Google Analytics by @hoffman8

Audiences play an integral role in most paid media strategies. The ability to create targeted audiences based on key indicators… Read More

November 20, 2018 4:18 pm