Alert: WordPress Security Update – July 2025
Wordfence has released security patches for its WordPress plugin, addressing multiple vulnerabilities that could be exploited by attackers to compromise the integrity and security of affected systems.
Affected Systems:
The affected systems and versions include, but are not limited to:
-
Events Manager: versions <= 6.6.4.4 and 7.0.1 - 7.0.3.
-
WPBookit: versions <= 1.0.4.
-
Nokri – Job Board WordPress Theme : versions <= 1.6.3.
-
GB Forms DB: versions <= 1.0.2.
-
BeeTeam368 Extensions : versions <= 2.3.5
Security Risks
The identified vulnerabilities in various WordPress plugins pose a serious threat, potentially allowing attackers to compromise affected systems and gain unauthorized control.
Recommended Actions
The National Cyber Security Authority (NCSA) recommends users and system administrators to:
-
Update, as soon as possible, to the latest supported version for the WordPress plugin in order to address the vulnerability and effectively mitigate associated risks.
The WordPress plugin versions available for upgrade include, but are not limited to:
-
Events Manager: Upgraded to version 6.6.5 or above and version 7.0.4 or above
-
WPBookit: Upgraded to version 1.0.5 or above.
-
Nokri – Job Board WordPress Theme : Upgraded to version 1.6.4 or above.
-
GB Forms DB: Upgraded to version 1.0.3 or above
-
BeeTeam368 Extensions : Upgraded to version 2.3.6 or above.
-
Before updating or patching, please ensure that you have the latest backup that can easily be restored.
For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.
References
14 July 2025
More updates