At WP Engine, we take the security of your sites very seriously, and we strive to proactively keep you aware of any potential issues or vulnerabilities that could impact the sites you entrust to us.
Here at WP Engine, our Security Engineers immediately sprang into action and had placed a patch on our environment within three hours of the vulnerability being announced yesterday. This means that all WP Engine customers are safe and not vulnerable to this issue. You do not need to take any mitigation steps such as turning off comments, or wait for a WordPress update to ensure you are secure.
We’re proud to continue to fulfill our commitment to our customers by ensuring your sites are safe and secure.