Try Now!
Advertisement

Popular AMP for WP Plugin Patches Critical Security Flaw

  • 374
    SHARES
  • 1.0K
    READS
Popular AMP for WP Plugin Patches Critical Security Flaw
ADVERTISEMENT

A top AMP plugin for WordPress, AMP for WP, has released a patch for a critical security vulnerability.

AMP for WP, which currently has 100,000+ downloads, was pulled from the official WordPress.org plugins section last month.

It has since reappeared as of last week.

The developer says the reason it was pulled was due to a security flow that “could be exploited by non-admins of the site.”

That type of flaw means non-admins could manipulate the plugin settings to place ads, add custom HTML in header or footer, or insert javascript malware.

Please note that this does not refer to the official Google-supported plugin, but it does have a significant number of users.

Downloading the Patch

If you’re one of the many WordPress users with this plugin installed it’s recommended that you download the patch.

Applying the patch is as simple as updating the plugin from your WordPress dashboard.

If you have automatic updates turned on then your plugin may already by patched. Otherwise you will have to update the plugin manually.

ADVERTISEMENT

Subscribe to SEJ

Get our daily newsletter from SEJ's Founder Loren Baker about the latest news in the industry!

Ebook

Matt Southern

Lead News Writer at Search Engine Journal

Matt Southern has been the lead news writer at Search Engine Journal since 2013. With a degree in communications, Matt ... [Read full bio]

ADVERTISEMENT
Advertisement
Read the Next Article
Read the Next