February 2023 Newsletter

February 8, 2023

Critical Bugs Identified in Popular WordPress Plugins

Researcher Joshua Martinelle from Tenable Inc., a cybersecurity company located in Maryland, recently discovered three vulnerable WordPress plugins. He responsibly reported them, sending proofs of concept to WordPress on December 19, 2022. Developers of the plugins have already released security updates to address the issues, so if users are running the latest available version, the problem should be resolved.

A few weeks ago, Martinelle disclosed his findings to the public. We’ve summarized each breach below:

‘Paid Memberships Pro‘ plugin is a membership and subscriptions management tool used in over 100,000 websites.  

Easy Digital Downloads‘ plugin is an e-commerce solution for selling digital files with over 50,000 active installations.

Survey Marker‘ plugin was marked as a ‘high-severity’ flaw and is used by 3,000 websites for surveys and market research.

While proof of concept exploits was released, Tenable Inc. did not share the impact these breaches could have if abused. These bugs are categorized as critical, and it is highly recommended that all websites using the above-listed plugins upgrade to the latest/newest version ASAP. If you need help with making the necessary updates to your WordPress website, contact CPS for assistance. To read more details on these WordPress vulnerabilities, visit Bleepingcomputer.com.

Website Audits & Maintenance

Your website is the foundation of your company’s online presence. People visit it to learn about your business, acquire contact information, and purchase products. If your website is not functioning correctly, is out of date, or is just poorly coded and/or designed, you’re likely to lose out on potential new leads and sales.

That’s where we come in! Creative Programs and Systems (CPS) performs initial website audit reviews and quarterly or annual website maintenance plans. We will scan every page of your site to determine its health, ease of use, engaging calls of action, and review SEO measures and any paid ads strategies. We can also test for ADA compatibility and make necessary recommendations.

Our Website Maintenance Includes:

  • Checking to ensure that all features work and there are no broken links or outdated information listed.
  • Test browser compatibility, including mobile responsiveness.
  • Check to ensure that all forms and your checkout process work as intended.
  • Keep any 3rd party software renewed or up to date.
  • Backing up your website; ensure that your automatic backup feature works or back up your website at least monthly.
  • Review online performance key metrics such as Google Analytics to determine if your website is aligned with your goals.

Additional Website Maintenance

  • Domain Name Renewal – Your domain name renewal should be setup to automatically occur at a minimum annually with an email notification sent.
  • SSL Certification – Validates a website’s identity and enables an encrypted connection between the web server and the web browser; also removing the UNSECURE icon near the URL.
  • Website Hosting – Space allocated on a server to hold a website and store files.
  • Email Delivery – Is the platform you’re using reliable and secure? 

Contact Us for a Free Consultation

Keeping your website maintained and secured enables trust among its users and builds loyalty to your brand. Our comprehensive team not only handles website audits and maintenance, but we also have in-house developers who are skilled in various programming languages and can adjust and fix any flaws. CPS also has a digital marketing team who can review your current strategies and suggest enhanced improvements, along with an IT department that can evaluate your infrastructure and recommend measures for better email functionality, server response time, backups, security protections, and more!