MalCare Releases Plugin Update with Improved Authentication Systems
by
7-layers of Security for Your WordPress Site
Your website needs the most comprehensive security to protect it from the constant attacks it faces everyday.
Recently, a security researcher reached out to us. He disclosed a limitation in the authentication system of our plugin. We responded to the security researcher, after conducting our due diligence.
In the rare situation, where a site has a pre-existing, high severity SQL injection vulnerability, an attacker might be able to read the MalCare key. To address such issues, we are further strengthening our authentication systems.
Authentication is a critical system and any improvements must be done in a careful manner. We have reviewed various plugins and best practices in our ecosystem to come up with our solution.
In light of the current public discourse, we are expediting the update of our plugin. We will initiate a rollout by EOD. All your sites will be automatically updated with the latest MalCare plugin as normal.
The MalCare firewall is enabled by default on your site. It includes rules that protect your site from such high-severity SQL injection attacks.
We have seen no evidence of any malicious activities.
We appreciate the work that security researchers put in, and we thank Calvin for his efforts.
Please reach out to our support if you have any questions or concerns.
Category:
Share it:
You may also like
How to Fix the Google Blacklist Warning from Your Website
Google blacklist is a colloquial term used to describe big red warnings visible when visiting websites. There are a few flavours, depending on various factors, but they all mean that…
MalCare Stands Strong Against WP Activity Log Premium SQL Injection Vulnerability
A significant SQL injection vulnerability was identified in the WP Activity Log Premium plugin, a popular tool for tracking user activity on WordPress sites. An SQLi vulnerability poses a serious…
Fix Pharma Hack on WordPress and SEO
Pharma hack is a prolific malware that redirects visitors from your site to an online pharmacy that sells Viagra, Cialis, Levitra, Xanax, Tadalafil, and other drugs. It also shows up…
How can we help you?
If you’re worried that your website has been hacked, MalCare can help you quickly fix the issue and secure your site to prevent future hacks.
My site is hacked – Help me clean it
Clean your site with MalCare’s AntiVirus solution within minutes. It will remove all malware from your complete site. Guaranteed.
Secure my WordPress Site from hackers
MalCare’s 7-Layer Security Offers Complete Protection for Your Website. 300,000+ Websites Trust MalCare for Total Defence from Attacks.