WP Cerber Security 9.1
- A new feature that prevents exposing user’s first name, last name, and ID via an HTTP request with a username (login) in an author_name parameter.
- A new user status report while viewing the user activity/requests log.
- When renders admin pages, WP Cerber uses the language selected on the user profile.
- Improved the speed of rendering of the “Users” admin page. Reduced the number of HTTP requests if some columns on the page are hidden.
- Implemented support for rate limiting when the integrity scanner retrieves checksum data from remote servers.
- The “Users” admin page got links to the “Sessions” page.
- Fixed a bug that allows an attacker to bypass the “Stop user enumeration” feature if it’s enabled (CVE-2022-2939).
- Fixed a bug that produces incorrect messages in the server error log when the WordPress database connection is lost. “PHP Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given…”
- Fixed a bug with not escaping comments in the IP access lists entries.
Download the plugin
Have any questions?
If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered here: G2.COM/WPCerber.
WordPress SecurityNext Post
WordPress 5.4.1. A security update fixes seven XSS vulnerabilities