Automatic Updates Applied to WP Super Cache and W3 Total Cache
There was a recent Sucuri post about vulnerabilities in WP Super Cache and W3 Total Cache. The plugins were allowing PHP injections in comments as noted in this WordPress.org thread.
Both plugin authors have already patched their plugins. Because these are widely used and it is a serious WordPress vulnerability (which has now been made extremely public), we decided to push an automatic update to all Lightning Base-hosted sites. This means you should be taken care of. If the plugin authors add any additional security updates in the next few days we will push those out as well.
Unlike the brute force attack we recently posted about, this requires no action on our clients’ part, so we will not be bothering everyone with another security-related email. If you always want to catch these types of updates, we have an RSS feed or you can follow us on Twitter/Facebook.
As always, if you have any questions, don’t hesitate to get in touch.