WordPress
Bug in WordPress plugin allows unauthorized file upload
WordPress users who also use the MailPoet plugin are urged to update it as soon as possible, as all versions but the latest one are plagued with a critical flaw that could …
Jetpack pushes update to close critical security hole
The developers of Jetpack, one of the most widely used WordPress plugins, are urging users to download and implement the latests versions that fix a critical security bug. …
WordPress releases important security update
WordPress 3.8.2 is now available. This is an important security release for all previous versions and you should update immediately. This releases fixes a weakness that could …
WordPress sites hijacked via “free” premium plugins
If you run a WordPress site, and are trying to make some money through it, think twice before installing “free” versions of premium plugins. Researchers from …
Over 162,000 WordPress sites exploited in DDoS attack
DNS and NTP servers are not the only publicly accessible resources that can be misused to amplify DDoS attacks. Sucuri CTO Daniel Cid revealed details of a recent incident in …
Two-factor authentication for WordPress using Rublon
Rublon provides automatic two factor authentication for web applications. It currently supports Drupal, WordPress, Magento, PrestaShop and OpenCart. Two-factor authentication …
Security vulnerability in the Duo WordPress two-factor authentication plugin
During an internal assessment, Duo Security found a vulnerability in their popular WordPress two-factor authentication plugin that completely bypasses the security measures …
WordPress 3.7 delivers important architectural updates
WordPress 3.7, named Basie, is available for download or update in your WordPress dashboard. Updates include: Updates while you sleep: With WordPress 3.7, you don’t have …
WordPress security threats, protection tips and tricks
Robert Abela is a WordPress Security Professional and founder of WP White Security. In this interview he talks about the main WordPress security risks, offers tips for website …
Backdoor brute-forces Joomla and WordPress sites
A recently discovered backdoor with brute-forcing capabilities that are used against Joomla- and WordPress-managed blogs has shown, once again, the importance of keeping your …
The security of WordPress plugins
Checkmarx’s research lab identified that more than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection. Furthermore, …
WordPress sites targeted by mass brute-force attack
US-CERT has issued an alert regarding the ongoing massive brute-force attacks against WordPress sites, warning users and administrators to keep their installation always …