Just as the bloggers sphere starts bringing out declarations of doom and gloom for the million plus users of W3 total cache, a fix is released.

The problem was after software engineers found that content on a URL parameter was not being screened by the plugin. This meant that a hacker could, in theory, add malicious code.

This is another example of how highly the community will scrutinise its top plugins, themes and core code. It also reminds us why we must keep plugins updated when available. I would still say that more than half of the problems with broken sites, or hacked sites, are due to plugins not being updated.