Important Security Disclosure This weekend, while performing a security review of Pods, we found a serious security issue. We have patched every version of Pods on WordPress.org that is affected. In addition, we have released Pods 2.5.1.2 that is identical to Pods 2.5.1.1 the previous release, except with this patch added. We believe this is an especially severe issue as this issue occurred in the PodsUI class, which is not only used for the Pods admin, but is also employed by many end-users to create front-end and back-end content management interfaces for non-admin users. All Pods users are encouraged to update to Pods 2.5.1.2 immediately. If for some reason you need to be on an earlier version, you can download a patched older version of Pods from our WordPress.org plugin page. We immediately informed the WordPress.org security team upon finding the vulnerability. This issue is very similar to the issue discovered and disclosed earlier this week in the WordPress SEO plugin by Yoast. Reading the details of their issue lead us to search for similar security issues in Pods. We applaud their responsible disclosure to the community. Publishing the details helps other developers work to
Share This

We are using cookies on our website

Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.