WP Cerber Security plugin reported bug fixed

The fixed version is 9.1.

Still not back on the WordPress.org but hopefully soon.


In this email we announce an important update to WP Cerber, explain when to expect the plugin to return to wordpress.org, and tell you how to get a 50% discount on the professional version of WP Cerber.

We have released a security update to the WP Cerber plugin and we strongly encourage you to download and install WP Cerber 9.3 using a simple instruction posted on our website.

Here is how: How to install WP Cerber Security – WordPress security plugin, firewall & anti-spam

It’s an important update because a vulnerability had been discovered in WP Cerber 9.1 and several older versions and now it’s been fixed in WP Cerber 9.2. The vulnerability doesn’t pose imminent risk, because to get it exploited by a bad actor, the website admin needs to open the Activity log and start interacting with a specific data of log entries. The full details of the vulnerability will be disclosed later.

Now let us clarify the situation with a temporary inability to install the plugin from the wordpress.org plugin repository. The plugin is temporarily closed on wordpress.org because its code unexpectedly does not meet internal wordpress.org requirements changed this summer. No information regarding the changes has ever been disclosed or published. We faced it when we released WP Cerber 9.1. Over the last few weeks, we have been spending a decent amount of time negotiating the terms of returning the plugin to the wordpress.org repository and making changes to the WP Cerber’s code. The time we could spend on the plugin development. The process is still in progress, the exact date of return is unclear.

During the negotiation, we realized that we can’t rely on somebody’s free repository to deliver our software. Our customers expect us to develop and release new versions of WP Cerber continuously and our plugin updates are available to install whenever it’s needed. Now we’ve failed to do so just because somebody suddenly changed their rules.

Since we have more than enough expertise in software development, we have launched our own software repository and implemented support for it in WP Cerber 9.2.

Installing WP Cerber 9.2 (or newer) immediately and forever changes the way your WordPress installs updates to WP Cerber. If an update is available on wordpress.org, it is installed from it. Otherwise, it is installed from the new WP Cerber repository. It’s configurable. As always with WP Cerber.

It’s time for us to grow and to move on. We hope you are joining us.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.