There is a flaw in Concrete5 CMS prior to version 8.5.6 which means hackers can gain control of your website and any personal data held within it.

This vulnerability within Concrete5 which it can potentially be hacked.  The good news is that v8.5.6 of Concrete5 has been released to address this vulnerability and we recommend all clients update to it  asap.  

According to, the specific version targeted is v8.5.2

Unfortunately, not doing this update means that the site could be hacked which would take it over, add malicious code even take it down.  There could also be a leak of personal details or other data, so this is a very serious situation.  

The cleanup process can potentially then be difficult and expensive, because you would need to find all of the malicious code and any added files that the hackers place around the site.

Rest assured Concrete5 remains an excellent platform with a good level of security.  If websites are kept up to date, a Concrete5 website can last a very long time with only very minimal, occasional updates.

Therefore prevention is much better than cure in this case, so we recommend updating to 8.5.6+ as soon as possible.  We are working through our clients sites updating them.  If you need help updating your website please get in touch as soon as possible using the details below:

What's next?

Contact us for a friendly, no-obligation chat about your project...

Telephone 0800 111 4504

Email Email us

Chat Live Chat

Who are we?

We are a digital agency specialising in Web Design, Development, Concrete5 and digital marketing, based in London & West Sussex.

We make digital simple. Our purpose is to simplify your frustrations in digital and solve the challenges you face to help make you more money and progressively grow your business or organisation.

Tell me more

Keep up to date

Call us