RocketGeek

Home of WP-Members, The Original WordPress Membership Plugin

Home » Archives for Uncategorized

Uncategorized

PSA: Fake CVE-2023-45124 Phishing Scam Tricks Users Into Installing Backdoor Plugin

· ·

There is currently a phishing scam targeting WordPress users. It involves an email indicating that you have a vulnerability on your WordPress site and leads you to download a patch plugin for the vulnerability. The plugin, however, installs a backdoor exploit that hackers can use to gain access to your site.

Wordfence has a complete article with details on the plugin, the exploit, detection, and mitigation.

I would say that the best offense is a good defense. In other words, don’t download the scam to begin with. But this one is a dangerous one because it looks legit and could fool even seasoned WordPress admins – which is why I’m adding this PSA to my site – the more people that are aware, the (hopefully) fewer people that will be affected.

WP-Members User Tracking 1.4.5

· ·

This article is provided free. Find out how you can get full access to premium content, including how-to articles and support forums, as well as priority email support and member exclusive plugin extensions..

 

The User Tracking extension has received an update and this was pushed out to production this morning. The new version is 1.4.5 and it includes a number of updates.

  • Fixes a bug that causes an invalid page link when clicking a individual user. Previous versions were pointing to users.php. This version corrects it to index.php. All previous versions have this bug and should update.
  • Updates to load default settings if no settings are loaded. This is particularly for initial activation and setup in production systems where debugging is enabled. If no previous settings were saved, it would display undefined variable notices. This is more of an annoyance than a bug, but never-the-less, it is corrected in this update.
  • Updates to replace wpmem_create_formfield() with wpmem_form_field(). The former is an older, obsolete function in WP-Members core. That function will be completely obsolete in future versions of WP-Members starting with 3.5.0, which is due out this month. You’ll need to update User Tracking to 1.4.5 to be compatible with WP-Members 3.5.0 going forward. (It will remain compatible with earlier versions of WP-Members).

WP-Members 3.0 Early Testing

· ·

This article is provided free. Find out how you can get full access to premium content, including how-to articles and support forums, as well as priority email support and member exclusive plugin extensions..

 

WP-Members 3.0 is nearing the testing stage. This update to the plugin is really exciting because I have been working on moving the plugin to be more Object Oriented.  The current version of the plugin is very extensible.  But I want to move that forward to be even more so.  The new Object Oriented approach and the new settings array is going to leverage the extensibility of the plugin to a fully customizable framework.

As usual, I want to update process to be seamless for existing users.

Because of the changes to the way the core settings are stored, this means lots of testing.  I am hoping there are users out there that are interested in testing out the new version.  Continue Reading →

Ready to get started?

Join Today!