There is a new serious WordPress vulnerability in certain versions of two popular WordPress caching plugins, W3TC and WP Super Cache. The vulnerability allows remote PHP code to be executed locally on a server for anyone running either of the plugins. An attacker could then execute code on the infected server.

CloudFlare has applied a rule to their network which automatically protects all CloudFlare customers, including those on free plans. Details about the vulnerability are available at:

W3TC and WP Super Cache Vulnerability Discovered, We've Automatically Patched - CloudFlare blog

If you have not done so already, please make sure to update these plugins and keep any other plugins that you use updated, or remove them from your wordpress or other apps that you run on your web site.

Free Cloudflare service is available to GlowHost customers inside of their web site control panel (cPanel).

You can enable this service to protect your sites against these and other known vulnerabilities, along with many other useful features which come with the Cloudflare service.