iThemes Security 4.3.11

iThemes Security was updated to version 4.3.11, from version 4.3.9. Changelog:


  • Low Severity Security Fix – Lack of access control patched.
  • Fixed an error in XMLRPC blocking when $username variable cannot be found.


  • Remove error message if WP_Error is returned with wp_remote_post in malware scan
  • Fixed bug where away-mode was still enabled after one-time period has passed which could result in away mode activating when it should not.
  • Ensure that individual module updates fire when updating the plugin.
  • Added function to retrieve current URL from the front-end.
  • Fixed error in brute force protection that counts valid logins with XML-RPC as bad logins towards a brute force lockout.