All-In-One Security Premium Release 1.0.4: AIOS adds adds IP lookup function and fixes XSS Security vulnerability

The latest release from AIOS includes a new IP lookup function that will help developers identify suspicious activity such as password resets.

Our new IP lookup function informs web owners of the IP address of anyone who tries to reset your password, or lockdown your site. If that happens, you’ll receive an immediate email containing this crucial security information. This will help you identify any suspicious or potentially malicious activity. For example, if the IP address comes from an unrecognised country, it’s likely fraudulent.

The release also includes a security fix to remove unnecessary uses of the ‘tab’ query parameter on various admin menu pages. This helps to prevent cross-site scripting vulnerabilities. Cross site scripting allows malicious users to inject unwanted scripts into your website, in this case through the AIOS admin page. Thank you to Matthew Rollings for disclosing the vulnerability.

Premium release 1.0.4 also contains a number of smaller tweaks and fixes, full details of which can be found below.



* SECURITY: Removed unnecessary use of the “tab” query parameter on various admin menu pages to prevent a XSS vulnerability. Thanks to Matthew Rollings for disclosing this defect.

* FEATURE: Added Reverse IP Lookup location data to login lockdown notification email

* FEATURE: Enhance reset password email by adding IP info

* FIX: A fatal error on PHP 8.0+ when you have premium active but not the free version

* FIX: Smart 404 blocking does not work if timezone other than UTC set.

* TWEAK: Various tweaks to get codebase up to coding standards

* TWEAK: Removed some unused files


Get peace of mind, install AIOS premium

The hard work you’ve put into your website deserves the best protection. AIOS Premium monitors your site for trojan horses, adware, worms, spyware and other malicious code that could have devastating consequences for your WordPress investment.

AIOS Premium customers also benefit from personalised, ticketed support from a team of security experts. Advanced two-factor authentication, a country blocking tool and smart 404 error blocking give your website the protection it deserves. 

Get Premium


Share This Post

More To Explore...


WordPress security audit checklist

Ensuring your WordPress website’s security is vital for protecting sensitive data, keeping customer trust, and safeguarding your online business. A