OptimizePress Security Vulnerability (Please read if using OptimizePress)
- Monday, 16th December, 2013
- 11:20am
This announcement contains important information regarding a security vulnerability in the popular Wordpress theme; OptimizePress.
If you don't have a Wordpress installation using this theme on your hosting account, please disregard this announcement.
If, however, you run a Wordpress installation and have the OptimizePress theme uploaded (even if it's not your active theme) then please read this article in full and take the appropriate action.
For some time we have seen a number of OptimizePress based websites getting hacked due to a security vulnerability, however, in the past few weeks this security vulnerability has been made public, and as such we are seeing a huge increase in the number of websites being hacked.
Hacked websites are either being defaced, and/or malicious files are uploaded and being used to send out large amounts of spam emails from servers.
OptimizePress have recently released a patch that all users of the theme need to apply to their installations to fix this vulnerability.
You can download the patch, and read more details over on the official OptimizePress website:
http://help.optimizepress.com/customer/portal/articles/1381790-important-optimizepress-1-0-security-update
Please ensure that you apply this security patch to *ALL* Wordpress installations that are running OptimizePress. If you have any sites where the OptimizePress theme is uploaded but not in use as the active theme, then you need to either delete the theme files, or apply the patch, as the files are still vulnerable, even if the theme is not active.
If you have any further queries regarding this security vulnerability, you can contact the OptimizePress support team here:
http://help.optimizepress.com/customer/portal/emails/new
If you don't have a Wordpress installation using this theme on your hosting account, please disregard this announcement.
If, however, you run a Wordpress installation and have the OptimizePress theme uploaded (even if it's not your active theme) then please read this article in full and take the appropriate action.
For some time we have seen a number of OptimizePress based websites getting hacked due to a security vulnerability, however, in the past few weeks this security vulnerability has been made public, and as such we are seeing a huge increase in the number of websites being hacked.
Hacked websites are either being defaced, and/or malicious files are uploaded and being used to send out large amounts of spam emails from servers.
OptimizePress have recently released a patch that all users of the theme need to apply to their installations to fix this vulnerability.
You can download the patch, and read more details over on the official OptimizePress website:
http://help.optimizepress.com/customer/portal/articles/1381790-important-optimizepress-1-0-security-update
Please ensure that you apply this security patch to *ALL* Wordpress installations that are running OptimizePress. If you have any sites where the OptimizePress theme is uploaded but not in use as the active theme, then you need to either delete the theme files, or apply the patch, as the files are still vulnerable, even if the theme is not active.
If you have any further queries regarding this security vulnerability, you can contact the OptimizePress support team here:
http://help.optimizepress.com/customer/portal/emails/new
