We’ve fixed a security vulnerability where malicious people can execute PHP code using the Login Widget.

Over the week-end a security issue was brought to our attention and we’ve just released a new version of AccessAlly that removes the ability to run PHP code through AccessAlly.

If you were using the ability to run PHP code in AccessAlly, you’ll want to find another plugin that specifically allows you to do that.

Photo of a roll of duct tape and call to action to check out AccessAlly