Custom Plugin Security Updates

Custom plugins used on CampusPress are client-owned and client-maintained.

CampusPress does not manage, maintain, or test custom plugin functionality. Clients remain responsible for ongoing development, compatibility, and validation.

Security Exception

If a security vulnerability is identified in a custom plugin that presents a material risk, CampusPress may take action to protect the platform and affected sites.

Our response is based on the severity and likelihood of exploitation, using trusted security intelligence.

How We Respond

• High-risk vulnerabilities
  Where a vulnerability is actively exploited or is highly likely to be exploited, CampusPress may apply a security update without prior approval to reduce immediate risk. Clients are notified during or shortly after deployment.
  
• Medium-risk vulnerabilities
  Where a vulnerability presents a moderate risk, clients are notified and expected to take action. Updates are not applied automatically at this stage.
  
• Low-risk vulnerabilities
  Where a vulnerability is assessed as low risk, clients are notified for awareness and planning. No action is taken by default, although applying the update is recommended as part of regular maintenance.
  

Important Notes

• Security updates do not transfer ownership or maintenance responsibility to CampusPress.
  
• CampusPress does not perform functional or regression testing for custom plugins.
  

Clients are responsible for validating site behaviour after any update.

Ask our team for more information Contact us

Get started with CampusPress today Contact sales