Posted By Gregory

WP Cerber Security 9.1

New features

  1. A new feature that prevents exposing user’s first name, last name, and ID via an HTTP request with a username (login) in an author_name parameter.
  2. A new user status report while viewing the user activity/requests log.

Minor improvements

  1. When renders admin pages, WP Cerber uses the language selected on the user profile.
  2. Improved the speed of rendering of the “Users” admin page. Reduced the number of HTTP requests if some columns on the page are hidden.
  3. Implemented support for rate limiting when the integrity scanner retrieves checksum data from remote servers.
  4. The “Users” admin page got links to the “Sessions” page.

Fixed bugs

  1. Fixed a bug that allows an attacker to bypass the “Stop user enumeration” feature if it’s enabled (CVE-2022-2939).
  2. Fixed a bug that produces incorrect messages in the server error log when the WordPress database connection is lost. “PHP Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given…”
  3. Fixed a bug with not escaping comments in the IP access lists entries.

Download the plugin

Wonder what WP Cerber got in the previous version?

Review the release note for WP Cerber Security 9.0.

How to install WP Cerber on your WordPress

Enable automatic updates in the plugin settings or use this instruction on how to install WP Cerber if you do not have it on your website.

Have any questions?

If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered on the community forum.

Spotted a bug or glitch?

We’d love to fix it! Share your bug discoveries with us here: Bug Report.

I'm a software engineer and team lead at Cerber Tech. I started coding in 1993 on IBM System/370 and today software engineering at Cerber Tech is how I make my living.

View Comments