The Insercorp Development Team has released a patch for iPlasmaCMS2 which improves security by eliminating potential vulnerabilities for both the core release build and the beta release build.

iPlasmaCMS2 version 8.4.27 and iPlasmaCMS2 version 8.5 beta

Security Improvements

• A recent vulnerability scan found two potential vulnerabilities related to the Shortcuts interface in the Control Panel Settings: the Add Shortcut and Insert Link interfaces were accessible over https without being logged in to the Control Panel. While no exploits were revealed it could have caused a future vulnerability.  This potential vulnerability has been mitigated by restricting access to those interfaces to Website Administrators who are logged in to the Website Control Panel.