Home Tags Wordpress

Tag: wordpress

Interpol unplugs nearly 9,000 Asian command and control networks

WordPress plug-in bug exploited in eight countries An Interpol investigation has revealed a worrying degree of insecurity in sout-east Asian countries, with even government-operated Web servers infected to operate as command and control systems for bot-herders.…

Ars is hiring an experienced Web developer

Note: You won't be troubleshooting print drivers unless you're into that sort of thing.

Fake SEO Plugin Used In WordPress Malware Attacks

Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.

WordPress REST API Bug Could Be Used in Stored XSS Attacks

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks.

WordPress 4.7.3 Patches Half-Dozen Vulnerabilities

WordPress released version 4.7.3 which patches six vulnerabilities including one that could be chained with the REST API Endpoint vulnerability.

WordPress fixes XSS, CSRF flaws in latest core update

It’s been a bad few weeks to be a WordPress administrator, with a number of security updates to the core content management system and a handful of widely used third-party plugins.

Get those patches before someone comes along and defaces your website, steals information from the database, or modifies the site to distribute malware.The latest update, version 4.7.3, is a combination maintenance release and security update that addresses six security vulnerabilities and 39 maintenance issues.

Three of the six security vulnerabilities can lead to cross-site scripting attacks.[ Expand your security career horizons with these essential certifications for smart security pros. | Discover how to secure your systems with InfoWorld’s Security Report newsletter. ]“This is a security release for all previous versions, and we strongly encourage you to update your sites immediately,” WordPress said in its release notification.To read this article in full or to leave a comment, please click here

WordPress 4.7.3 Updates for Six Security Issues

The open-source WordPress blogging and content management system fixes six vulnerabilities, including three Cross Site Scripting flaws.

VU#608591: PHP FormMail Generator generates code vulnerable to multiple issues

PHP forms generated using the PHP FormMail Generator are vulnerable to stored cross-site scripting and unrestricted upload of dangerous file types.

WordPress 4.7.3 Fixes Cross Site Scripting Vulnerabilities

The third security update in 2017 for the open-source WordPress blogging and content management system fixes six vulnerabilities.

Put down the coffee, stop slacking your app chaps or whatever...

Attention web scribes: Six nasty flaws found in publishing tool Internet scribblers who use WordPress must update their installation of the publishing tool following the disclosure and patching of six security holes.…

WP Engine Announces PHP 7 Availability For All Customers

Promise Of Incredible Speed And Performance Benefits To 60,000 Customers WorldwideLondon, UK — March 6, 2017 — WP Engine, the world’s leading WordPress digital experience platform, today announced it is making the PHP 7 environment available and an easy upgrade process for all existing and new customers. WP Engine conducted extensive testing to ensure that all of the company’s 60,000 customers have a path to adopt PHP 7, which offers dramatically improved website performance and... Source: RealWire

WordPress photo plugin opens ‘a million sites’ to SQLi database feasting

Using NextGEN Gallery? Update or kill it with fire A critical flaw has been found in the third-party WordPress NextGEN Gallery plugin that is, according to wordpress.org, actively used by more than a million websites.…