Welcome to ManageWP.org

Register to share, discuss and vote for the best WordPress stories every day, find new ideas and inspiration for your business and network with other members of the WordPress community. Join the #1 WordPress news community!

×

2 Vulnerabilities in Squirrly SEO plugin 6.1.4 and older

wordfence.com | Jul. 11, 2016 | 3 min read

Details about the security vulnerabilities found in the Squirrly SEO Plugin. The path traversal and privilege escalation vulnerabilities impact versions 6.1.4 and older.

12 votes   Flag
Manuel Vicedo

Wait.

They have just openly disclosed the fact that a plugin with a 20k user base has two critical vulnerabilities, and has only released a fix today? This is just plain irresponsible.

Do they even know how many days (or weeks) it's going to take for the majority of the userbase to upgrade to the fixed version? I'm betting they do, because half the post is an announcement for their own plugin.

I don't mind promotion, but doing so while putting user's websites in danger is an irresponsible move, especially by a security-based plugin.

They should have talked with the Squirrly team, then wait until they have silently rolled out the update. Then, and only then, they should be able to write about how the plugin is vulnerable and how theirs can defend their site.

Reply
Lisa John

SEO services in Sydney from companies like Website Made Simple has put my firm on the front page. Thanks so much Sydney team of SEO! I have worked with this company for several years now and they are top notch. Affordable compared to the others I talked to and much more responsive. Very good work! www.websitemadesimple.com.au/

Reply