Title: [Plugin: Better WP Security] Security vulnerability? Last modified: August 20, 2016 --- # [Plugin: Better WP Security] Security vulnerability? * Resolved [Mavrouka](https://wordpress.org/support/users/mavrouka/) * (@mavrouka) * [13 years, 8 months ago](https://wordpress.org/support/topic/plugin-better-wp-security-security-vulnerability/) * Does Better WP Security 3.4.3 have a security vulnerability? See links below: * [http://www.securityfocus.com/bid/55451/](http://www.securityfocus.com/bid/55451/) [http://packetstormsecurity.org/files/116317/Better-WP-Security-3.4.3-Cross-Site-Scripting.html](http://packetstormsecurity.org/files/116317/Better-WP-Security-3.4.3-Cross-Site-Scripting.html) * I have installed your plugin on two sites and have found it to be great, so this is very worrying. Iā€™d be grateful for your comments. * [http://wordpress.org/extend/plugins/better-wp-security/](http://wordpress.org/extend/plugins/better-wp-security/) Viewing 1 replies (of 1 total) * [Bit51 (part of the iThemes family)](https://wordpress.org/support/users/bit51/) * (@bit51) * [13 years, 7 months ago](https://wordpress.org/support/topic/plugin-better-wp-security-security-vulnerability/#post-3036602) * There could have been an issue that, if you were logged in as an admin and could access the settings, you could have set the email or IP addresses in the option to a malicious script. In the wild, for an attacker to make use of this they would have had to already compromised your site. That said, it has been fixed in 3.4.4. Viewing 1 replies (of 1 total) The topic ā€˜[Plugin: Better WP Security] Security vulnerability?ā€™ is closed to new replies. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=2980272) * [Solid Security ā€“ Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) * 1 reply * 2 participants * Last reply from: [Bit51 (part of the iThemes family)](https://wordpress.org/support/users/bit51/) * Last activity: [13 years, 7 months ago](https://wordpress.org/support/topic/plugin-better-wp-security-security-vulnerability/#post-3036602) * Status: resolved