Dear users,
It has been reported (thanks to @kyzoeadmin ) that the "wp-cli login command" plugin which is automatically installed by Enhance when WordPress SSO is used has received some recent security updates. Since this plugin is installed via a WordPress package it will not automatically update with the rest of your plugins.
Enhance always installs the latest version of this plugin and therefore any websites which used SSO for the first time since 1.5.0 was released will already have the latest version.
Older websites can have the plugin updated with wp-cli. If you have a small number of WordPress sites you can easily update the plugin manually.
If you have a large number of sites, I have prepared a small bash script to help automate this.
Before proceeding, verify you have an up to date backup of your websites
In preparation, you need to enable the Enhance PAM module for sudo since this is not activated by default. As root:
echo "session required pam_ns.so user_map=/tmp/user_map" >> /etc/pam.d/sudo
If your system has a separate /etc/pam.d/sudo-i
echo "session required pam_ns.so user_map=/tmp/user_map" >> /etc/pam.d/sudo-i
Now write the following content to a file called update.sh or similar:
#!/bin/bash
for user in `cat /etc/passwd | grep /var/www/ | cut -d ":" -f 1`; do
echo "Beginning $user"
sudo -u $user -i bash -c "wp-cli --path=public_html package update aaemnnosttv/wp-cli-login-command"
sudo -u $user -i bash -c "wp-cli --path=public_html login install --activate --yes"
echo "Done $user"
done
Now make the script executable:
chmod +x update.sh
(replace update.sh with whatever you named the file)
Finally:
./update.sh
This script will update installations in public_html. If you have installations outside of public_html you will need to modify the script. It should have no effect on non-WordPress websites.
