Today we’ve released an update for the discontinued 2.x version of WPtouch Pro which includes an important XSS security vulnerability fix. All users of WPtouch Pro 2.x should update to this release immediately. We are not releasing explicit details on this flaw (as it could be used against our customers), but the fix prevents plugin files from being used to gain control of information on a server and/or inject code.

You can upgrade by visiting your WordPress admin plugins page and upgrading, or by visiting our Support Center and downloading a fresh copy of WPtouch Pro 2.8.3.

Note: WPtouch Pro 3.0 customers are NOT affected by this vulnerability, nor are free users of the plugin.