The insecurity of WordPress plugins has been well documented, especially over the last year, but in the grand scheme of things, it’s not as bad as it seems, experts claim.
Tag Archives: wordpress
Vulnerability Patched in WordPress Theme That Allows Unrestricted Uploads
A vulnerability has been patched in a popular WordPress theme called Neosense that allows an attacker to upload code without authentication.
WordPress Update Resolves XSS, Path Traversal Vulnerabilities
Developers with WordPress are strongly encouraging users of the content management system to update to the most recent version, 4.6.1, released on Wednesday.
WordPress Patches Zero Day in WP Mobile Detector Plugin
WordPress patched a zero day vulnerability in the WP Mobile Detector plugin that had been publicly attacked for close to a week.
WordPress Patches SOME, XSS Flaws in Version 4.5.2
WordPress has issued a security release, patching a SOME vulnerability in Plupload, and a reflected cross-site scripting bug in MediaElement.js.
WordPress enables Free HTTPS Encryption for all Blogs with Custom Domain
Do you own a custom domain or a blog under the wordpress.com domain name?
If yes, then there is good news for you.
WordPress is bringing free HTTPS to every blog and website that belongs to them in an effort to make the Web more secure.
WordPress – free, open source and the most popular a content management system (CMS) system on the Web – is being used by over a quarter of all websites across
Joomla Sites Join WordPress As TeslaCrypt Ransomware Target
Joomla is the newest prey of attackers behind a campaign that has targeted WordPress websites by injecting JavaScript files with malicious code.
WordPress Update Fixes SSRF, Open Redirect Vulnerability
WordPress’ latest version, 4.4.2, fixes a handful of bugs and vulnerabilities in the content management system.
WordPress 4.4.1 Update Resolves XSS Vulnerability
Developers at WordPress are warning users of the content management system to download and apply the most recent update, pushed yesterday, to address a cross-site scripting vulnerability.
WordPress Fixes Critical Stored XSS Error in Akismet
Developers at Automattic fixed a stored cross-site scripting error this week in Akismet, the anti-spam plugin that figures into millions of WordPress websites.