We have identified and have sent notices out to any of our clients that have been affected by this possible vulnerability listed here:
Serious Vulnerability in WordPress Plugin sold via Envato Market (marketblog.envato.com)
If this affects your website, we'll let you know and specify how many Maintenance Blocks it would take to get this upgraded. It's an upgrade we highly suggest doing.
Basically, all websites today are made from pre-made pieces of software. To code an entire website from scratch would just be way too expensive. The design might be original or custom made but even then, we're using libraries and packages to help get it coded. It's good to do this because that pre-made code has been tested pretty well. Even then, no software is completely secure, so updates will inevitably come out.
Because your website is only as strong at its weakest link, you want to make sure you're keeping your entire website up to date - not just the core software like WordPress, Magento or Joomla. Since we cannot see the future, we can only make sure that the latest updates and patches have been applied to your website at the time it launches. Post-launch, you are responsible for keeping your website software up to date. We do provide this as a service and since we created your website, we do our best to keep an eye on any updates that come out.
If you have any questions, please let us know.