Posted By Gregory

WP Cerber Security 9.1

New features

  1. A new feature that prevents exposing user’s first name, last name, and ID via an HTTP request with a username (login) in an author_name parameter.
  2. A new user status report while viewing the user activity/requests log.

Minor improvements

  1. When renders admin pages, WP Cerber uses the language selected on the user profile.
  2. Improved the speed of rendering of the “Users” admin page. Reduced the number of HTTP requests if some columns on the page are hidden.
  3. Implemented support for rate limiting when the integrity scanner retrieves checksum data from remote servers.
  4. The “Users” admin page got links to the “Sessions” page.

Fixed bugs

  1. Fixed a bug that allows an attacker to bypass the “Stop user enumeration” feature if it’s enabled (CVE-2022-2939).
  2. Fixed a bug that produces incorrect messages in the server error log when the WordPress database connection is lost. “PHP Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given…”
  3. Fixed a bug with not escaping comments in the IP access lists entries.

Download the plugin

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered here: G2.COM/WPCerber.

I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.

View Comments