WordPress Loginizer Plugin Was Automatically Updated Due To Vulnerability

October 30, 2020

Written by wukovits

wordpress loginizer plugin was automatically updated due to vulnerabilityWordPress tends to take a light-handed approach when it comes to managing the legions of plugins that are compatible with the most popular blogging platform on the planet. This time, however, they’re taking a different approach. They’re forcing a security update to counter a dangerous bug in a wildly popular plugin that’s being used by more than a million websites around the world.

The plugin in question is Loginizer, which was designed to help websites fight back against brute force attacks by blocking the login function for a given IP address once a certain threshold of login retries has been reached.

It’s an indispensable plugin, honestly, but researchers discovered a fatal flaw in it in the form of an SQL injection issue. The issue could have allowed a hacker to take complete control over the site running the older version of the plugin, thus, WordPress’ decisive action, which forces an update on everyone who uses it.

While we normally don’t approve of such heavy-handed measures, in this particular instance, we feel it was justified. Had the company not taken the action it did, users would have been slow to update the plugin, and many may not have updated at all, or even been aware there was an issue. This way, everyone is protected, and it happened quickly, in an organized manner.

In an ideal world, some other solution could have been implemented, but then, in an ideal world, hackers wouldn’t abuse security flaws and loopholes in the first place. Here, WordPress made the best of a number of bad decisions and took swift decisive action designed to keep their massive user base safe and protect their brand image. While it’s less than ideal, we applaud the company for their efforts.

If you use the plugin in question, just be aware that you’re getting an update whether you want one or not. In this case, that’s probably not a bad thing.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Unlocking Small Business Success: The Impact of AI in a Digital Era

In the rapidly evolving business landscape, staying competitive necessitates embracing technological advancements. Artificial Intelligence (AI), once perceived as a luxury for larger enterprises, is now accessible to small businesses, offering new opportunities for...