WordPress
WordPress most targeted CMS by hackers?
Imperva released the results of its Web Application Attack Report (WAAR), the result of analysis of a subset of 99 applications protected by Imperva’s WAF over a period …
WordPress vulnerability database
Back in 2012, the fine folks behind the BruCON conference announced that from the 2013 edition of their popular event, a special budget will be allocated for supporting …
Disqus WordPress plugin vulnerabilities
During a penetration testing for a client, Australian based independent security consultant Nik Cubrilovic, discovered a couple of security issues within the very popular …
Critical bug in WordPress plugin allows site hijacking
A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the …
Bug in WordPress plugin allows unauthorized file upload
WordPress users who also use the MailPoet plugin are urged to update it as soon as possible, as all versions but the latest one are plagued with a critical flaw that could …
Jetpack pushes update to close critical security hole
The developers of Jetpack, one of the most widely used WordPress plugins, are urging users to download and implement the latests versions that fix a critical security bug. …
WordPress releases important security update
WordPress 3.8.2 is now available. This is an important security release for all previous versions and you should update immediately. This releases fixes a weakness that could …
WordPress sites hijacked via “free” premium plugins
If you run a WordPress site, and are trying to make some money through it, think twice before installing “free” versions of premium plugins. Researchers from …
Over 162,000 WordPress sites exploited in DDoS attack
DNS and NTP servers are not the only publicly accessible resources that can be misused to amplify DDoS attacks. Sucuri CTO Daniel Cid revealed details of a recent incident in …
Two-factor authentication for WordPress using Rublon
Rublon provides automatic two factor authentication for web applications. It currently supports Drupal, WordPress, Magento, PrestaShop and OpenCart. Two-factor authentication …
Security vulnerability in the Duo WordPress two-factor authentication plugin
During an internal assessment, Duo Security found a vulnerability in their popular WordPress two-factor authentication plugin that completely bypasses the security measures …
WordPress 3.7 delivers important architectural updates
WordPress 3.7, named Basie, is available for download or update in your WordPress dashboard. Updates include: Updates while you sleep: With WordPress 3.7, you don’t have …
Featured news
Resources
Don't miss
- Fake OAuth client IDs are helping attackers slip past sign-in logs
- Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers
- Why SBOMs, signing, and provenance still don’t tell you if software is safe
- Cynative: Open-source deep research agent
- Microsoft demystifies how Windows updates work