Security Advisory: Vulnerability Resolved in Solid Central (formerly iThemes Sync)
We are writing to inform you of a low-risk vulnerability recently identified within the post duplication feature of the Solid Central plugin. This vulnerability affects versions 3.2.8 and below of the Solid Central / iThemes Sync helper plugin. The Resolution: Version 3.2.9 To fully resolve this issue and ensure the security of your sites, we have released an update that permanently retires the post duplication functionality.
We are writing to inform you of a low-risk vulnerability recently identified within the post duplication feature of the Solid Central plugin.
This vulnerability affects versions 3.2.8 and below of the Solid Central / iThemes Sync helper plugin.
The Resolution: Version 3.2.9
To fully resolve this issue and ensure the security of your sites, we have released an update that permanently retires the post duplication functionality.
By removing this specific feature, we have eliminated the vulnerable code path entirely. If you currently rely on post duplication, we recommend migrating to one of the many high-quality, dedicated alternatives available for free in the WordPress.org plugin directory.
Our Product Focus
We have been planning to sunset this feature for some time. Our core vision for Solid Central is to provide the industry’s best site management platform—focusing on security, backups, and updates—rather than content management tools like post editing.
While this disclosure accelerated our timeline, our engineering and product teams agreed that streamlining the plugin now was the most effective way to keep your sites lean and secure.
Required Action
Please update the Solid Central helper plugin to the latest version (3.2.9 or higher) immediately. Updating will automatically remove the vulnerable code. To date, we have received no reports of this vulnerability being exploited in the wild; however, immediate updates are always a best practice to stay ahead of potential threats.
We appreciate your continued trust in Solid Central to be the most secure and efficient site management tool for your workflow.
Join us for the next Solid Academy Webinar!
Free weekly webinars that will help you master WordPress and increase your business's bottom line.
What is a WordPress Phishing Attack?
Learn how to identify and prevent phishing attacks on WordPress websites.
Kiki SheldonWebsite Protection: 5 Ways to Keep Your Website Safe
Robust website protection is the shield that stands between your business and relentless cyber attacks. Prioritizing website protection enables businesses to fortify defenses to safeguard their online presence and preserve the trust of their customers in the face of ever-evolving cybersecurity threats.
Kiki Sheldon23 Ideas To Grow Your WordPress Business in 2023
WordPress is the most popular website-building platform worldwide, trusted by numerous brands. WordPress enables you to build a user-friendly and highly reliable site, together with tools and plugins to enhance your marketing and work like a lead magnet. All these features make WordPress the platform chosen by more than 43% of businesses globally.
SolidWP Editorial TeamSign up now — Get SolidWP updates and valuable content straight to your inbox
Sign up
Get started with confidence — risk free, guaranteed
