WordPress released version 4.7.3 which patches six vulnerabilities including one that could be chained with the REST API Endpoint vulnerability.
Tag Archives: WordPress Vulnerabilities
WordPress 4.7.2 Update Fixes XSS, SQL Injection Bugs
WordPress fixed three security issues, including a XSS and SQL injection, with WordPress 4.7.2 this week.
WordPress Plugins Leave Black Friday Shoppers Vulnerable
Researchers found a third of the top WordPress e-commerce plugins contain severe vulnerabilities tied to XSS cross-site scripting, SQL injection and file manipulation flaws.
WordPress Security Update Patches Two Dozen Flaws
WordPress updated to version 4.5.3, a security release for all versions.
Vulnerabilities Identified in Several WordPress Plugins
Researchers have identified a handful of vulnerabilities present in three different plugins used by the content management system WordPress.
WordPress Sites Backdoored, Leaking Credentials
Zscaler has discovered a number of WordPress sites that have been backdoored and sending credentials to a hacker-controlled website.
WordPress Ecommerce Plugin Vulnerability Details Disclosed
Details on a number of unpatched vulnerabilities in a popular WordPress ecommerce plugin called CartPress were disclosed.
FBI Warns of Phony Sites Offering Government Services
The FBI has warned consumers about a rash of phony websites posing as government services.
More than 1 Million WordPress Sites Open to SQL Injection Attacks
More than one million different WordPress sites may be vulnerable to a critical plugin issue that could lead to SQL injections and in turn, total site takeover.
Following Exploits, Zero Day in WordPress Plugin FancyBox Patched
Developers have patched a zero day vulnerability in FancyBox, a plug-in for WordPress, which allowed malware to be added, via an iFrame, to infected sites.