A popular AMP for the WordPress plugin fixes a critical security hole

The AMP plug-in for WordPress, AMP for WP, has released a patch for a critical security vulnerability.

AMP for WP, which currently has more than 100,000 downloads, was taken from the official section of WordPress.org plugins last month.

It has since reappeared last week.

The developer claims that the reason for this withdrawal is due to a security flaw that “could be exploited by non-administrators of the site”.

This type of flaw means that non-administrators can manipulate the plug-in’s settings to place ads, add custom HTML code in the header or footer, or insert a malicious JavaScript program.

Download the patch

If you are one of many WordPress users with this plugin installed, it is recommended that you download the hotfix.

Applying the patch is as easy as updating the plugin from your WordPress dashboard.

If you have enabled automatic updates, your plugin may already be fixed. Otherwise, you will need to update the plugin manually.

 

Leave a Reply

Your email address will not be published. Required fields are marked *