Content Planning for Your WordPress Website

WordPress Plug-In Vulnerabilities: Gravity Forms

Some of you may have recently received emails from your website hosts (GoDaddy, Bluehost, Domain.com, FatCow, iPage, etc.) regarding a recent discovery of a security weakness in the popular plug-in Gravity Forms, which is used to create contact forms. iCandy uses Gravity Forms on many of our websites for contact forms and registration forms.

In addition, there have been recent security warnings about the Yoast plug-in, which is used for search engine optimization (SEO).

The creators of both of these popular and well-supported plug-ins have fixed the security issues and are encouraging users to update their plug-ins as well as their WordPress to the most up-to-date versions as soon as possible.

PayPal has also recently updated some of their WordPress extensions for security reasons.

You may have received an email with the subject line: “WordPress Emergency Plugin Update(s).” Some web hosts have even “force updated”  WordPress installations to protect them from potential hackers. If you received a notification that your WordPress and plug-ins have been automatically updated for you, you should make sure your website is up and running and looks and functions like it normally does.

We normally recommend having your WordPress, themes and all plug-ins updated by a professional twice a year. Because of the recent security concerns, we recommend that everyone with a WordPress website get their websites updated now.

If your website has been built in the last few months or if you recently had updates done or a site migrated, you may be able to do the updates yourself with little risk. For most websites, however, we recommend hiring a WordPress developer to help you with these updates.

Please read the following article for more information: Should You Update Your Own WordPress Website?

iCandy Graphics & Web Design offers the following package:

SECURITY AND UPDATE PACKAGE:
This package includes updating WordPress, theme and all plug-ins and a website security inspection for malicious code, file tampering and interference. This also includes complete file and database backup.

$200 one-time update 
$225 ecommerce websites one-time updates
$350/year for biannual updates

More Security Information:
http://blog.sucuri.net/category/vulnerability-disclosure
https://ppmts.custhelp.com/app/answers/detail/a_id/1236
https://yoast.com/wordpress-seo-security-release
https://my.bluehost.com/cgi/help/update_wordpress_plugins