We would like to inform you about a recently discovered vulnerability in NextGEN Gallery plugin for WordPress which has been assigned with "Critical" status. This vulnerability allows an unauthenticated user to grab data from the victim’s website database, including sensitive user information.
You may learn more about the vulnerability's risks, technical details, and scenarios at Sucuri blog post available at https://blog.sucuri.net/2017/02/sql-injection-vulnerability-nextgen-gallery-wordpress.html
It has come to our attention that your reseller or resold accounts use the aforementioned plugin, so in order to keep your data safe, it is required to update it to the latest version. The exploit has been patched in the latest update 2.1.79 , so make sure you have updated the plugin to the version 2.1.79 on all your WordPress installations.
Feel free to reply to this email should you have any additional questions or requests. We treat security seriously here at Namecheap, so we would be glad to provide assistance to make sure your data will be protected against hackers.
Friday, March 3, 2017
Powered by WHMCompleteSolution