redsand

Hi @iamediaworks,

I don’t use WPSS for security. I use it to prevent spam, period.

It’s important to remember that anti-spam and security are tightly intertwined, so even though you may not realize it, WP-SpamShield does quite a bit behind the scenes to improve site security. Granted, not many anti-spam plugins have the strong security focus that we do, but they’re also not as good at fighting spam. Security has always been a huge part of WP-SpamShield’s core values.

In 2017, it’s more important than ever for site owners to educate themselves on cybersecurity — at least the basics. We’re doing our part to help educate users on security. The vast majority of our users appreciate this.

The most recent version of WP still has the vulnerability, so that was not a mistake, and should not be ignored. We were surprised to see that they did not patch that issue. We just released an update, and since WP-SpamShield mitigates the security threat, users will not see the alert.

We appreciate the feedback and will consider that for the future.

And thanks for a great plugin!

You’re quite welcome! 🙂

– Scott

@mikes-1,

Ok, please try to tone this down a bit. Flaming at us is not going to help anything. I would suggest that you target that frustration elsewhere.

then way are you splattering this huge red warnings across every website…

Those are standard WordPress admin warnings. We added clarification since your initial support request, so users have more info, and know where the warnings come from, and where the data comes from.

and if you now say that your plugin protects the vulnerability then why are you still showing the warning????

The data comes from an external database. We had no idea that WordPress would release a security update, and yet not fix a known security issue. That’s the real issue.

If you noticed, we released our last update before the new WordPress was released. Unfortunately we can’t see into the future.

Instead of flaming at us, I would suggest simply communicating with your clients, that WordPress did not fix the issue, and that WP-SpamShield protects their sites. (Or if you have mitigated the issue by other means, then let them know that.)

We’ve done nothing but try to help you out. We’re not going to respond to any more of these types of messages on this thread.

If you have any further issues, you’ll need to direct them to the WP-SpamShield Tech Support Page.

– Scott

Hi @maginem,

On occasion we may provide updates here at the forum, but all our tech support is done through our site.

We don’t do tech support through the forums. In your case, we’ll need to run some tests and see what’s causing the issue. There are a lot of possibilities, and the info provided is simply too vague to be helpful. It could just be too, that qTranslate-X has not been updated in a year. (WP-SpamShield has been kept up to date.) We just won’t know until we run a few tests.

As noted in the forum sticky post linked above, please direct all support requests to the plugin’s official support venue, WP-SpamShield Technical Support.

– Scott

Outstanding. 👍 🙂

Hello everyone,

Just a quick update: WP-SpamShield version 1.9.9.9.9 has been released now, and provides mitigation for the CVE-2017-8295 WordPress zero-day exploit. Please see the changelog for more info.

– Scott

The 1.9.9.9.9 update seems to be available now. Please try to update again. If anyone has further issues, let us know and we’ll provide a link on our site to download it manually.