Polish security expert Dawid Golunski has discovered a zero-day in the WordPress password reset mechanism that would allow an attacker to obtain...
[jpshare] Wordpress vulnerable to Cross-Site Request Forgery in Connection Information – Not yet fixed with the last Update. WordPress is a free online...
This article sheds light on the current ecosystem of the Sathurbot backdoor trojan, in particular exposing its use of torrents as a...
Another day, another important security update for WordPress. Oh boy. If you administer your own self-hosted WordPress website then your must update...
A famous WordPress gallery plugin which has more than one million installations has these days patched a serious vulnerability which permits the...
The vulnerability can lead to attackers grabbing data from website database or user sensitive information. A new SQL Injection vulnerability was discovered...
Closing week, we told about a important zero-day flaw in WordPress that become silently patched by way of the company earlier than hackers...
Attackers didn’t wait long to capitalize on laggards slow in updating their WordPress sites to patch a critical content injection vulnerability addressed...
Ultimate week, WordPress patched 3 security flaws, but simply the day gone by the employer disclosed approximately an uncongenial then-mystery 0-day vulnerability...
The WordPress security team revealed that they’ve secretly fixed a zero-day vulnerability in the WordPress CMS REST API.The vulnerability in this case...
As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for...
Developers with WordPress fixed three security issues this week, including a cross-site scripting and a SQL injection vulnerability, with the latest version...
Introduction The Google Forms WordPress Plugin fetches a published Google Form using a WordPress custom post or shortcode, removes the Google wrapper...
According to the release notes the latest version of WordPress 4.7.1 addresses eight security vulnerabilities and other 62 bugs. Wednesday the latest...
Based on statistical data gathered by Sucuri from 7,937 compromised websites, WordPress, Joomla, and Magento, in this order, continued to be the...
In this tutorial we are going to show you how to use free SSL on your wordpress site using Cloudflare’s Free Flexible...
Short Bytes: This is a simple and real account of how I prevented 508 resource limit error on my personal blog. How it...
Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin....
We first disclosed that the WordPress pingback method was being misused to perform massive layer 7 Distributed Denial of Service (DDoS) attacks back in...
Attackers are adding unauthorized code at the top of infected websites, over 3,500 8sites already infected. Alarms are ringing in Symantec’s offices,...
Image: zend Short Bytes: The PHP development team has released PHP 7.0.0, marking the new major PHP 7 series. This new version...