The fifth patch release of MODX Revolution 2.6

by Jay Stephen Gilmore

Published on July 12, 2018

Today we released MODX Revolution 2.6.5. It contains fixes for two critical security vulnerabilities affecting all versions at or prior to 2.6.4. Upgrading to 2.6.5 should be considered mandatory.

Highlights

This release is to resolve and protect sites from two critically serious security issues that allow for remote script execution, in one case, and in the other, allows attackers to remove files or folders. You can read the security announcement for more details.

If you haven’t upgraded to MODX Revolution 2.6.x yet, learn more from its original release announcement.

Upgrading is Critical

Revolution 2.6.5 contains critical security enhancements, you should upgrade to 2.6.5 now. See below for more info.

We cannot stress the importance of diligently upgrading to the latest version of MODX enough. While no software is 100% secure, powering your site with the most current version usually helps protect you from hackers that rely on exploiting outdated software. If you’re not sure what version of MODX Revolution you’re running, log into your website Manager. If the version number doesn’t appear in the top left-hand corner of the Manager, go to Manage>Reports>System Info.

If you need help upgrading your site, please contact your website builder, find a MODX Professional or get in touch with MODX Support.

Release contributors

We would like to thank Ivan Klimchuk (Alroniks) and agel_nash for reporting and validating these issues and helping keep MODX secure.

Get Started with Revo 2.6

Here’s what you need to get started or upgrade to MODX Revolution 2.6:

Ask Not What MODX Can Do For You

MODX is possible because of the many individual community members and users that take the time to report issues, request new features, and submit code to the project. Make sure you read the documentation, post feedback and share your experiences in the MODX community forums.

On behalf of the entire MODX Team and our fantastic community of contributors, we thank you!

Millions Rely on MODX

In 2005, MODX could power a fully mobile-responsive website using HTML5 and CSS3, even though those technologies weren’t invented yet. And with MODX today, you’re ready not only for what you need now but also what comes next.

Try MODX Right Now