At WP Engine, we take the security of your sites very seriously, and we strive to proactively keep you aware of any potential issues or vulnerabilities that could impact the sites you entrust to us.
A vulnerability was announced yesterday that impacted all WordPress sites across the world. If exploited, this vulnerability would allow malicious users to store JavaScript code which then could be used to obtain the credentials of anyone who visits the page. This Forbes article discusses the vulnerability in more detail.
Here at WP Engine, our Security Engineers immediately sprang into action and had placed a patch on our environment within three hours of the vulnerability being announced yesterday. This means that all WP Engine customers are safe and not vulnerable to this issue. You do not need to take any mitigation steps such as turning off comments, or wait for a WordPress update to ensure you are secure.
We’re proud to continue to fulfill our commitment to our customers by ensuring your sites are safe and secure.
Gabriel S Merovingi says
Keep up the good work!
Carl Hassett says
You all rock! Thank you!
Matt Orley says
Have I told you lately that I love you? Thrilled to have you.
Alexei Petrou says
Great work. Thanks!
Samina says
Well this is the commitment.
Every blogger want to have safe and secure blog.
Having WordPress hosted on a secure hosting services like WPEngine make us feel relax and secure