name: WordPress REST API Vulnerability officially announced: FEBRUARY 1, 2017 Security Risk: Severe Exploitation Level: Easy/Remote DREAD Score: 9/10 Vulnerability: Privilege Escalation + Content Injection Patched Version: WordPress 4.7.2 what: This privilege escalation vulnerability affects the WordPress REST API that was recently added and enabled by default on WordPress 4.7.0….
WP SERVICES
”We sell WordPress as “easy” and it is easy to a point… The expectation is that everything is that simple. However, behind the WordPress dashboard are PHP, CSS, and JavaScript code files that connect to a MySQL database.” Code Poet ~ Locking Down WordPress What is preventative maintenance? We can…
”We sell WordPress as “easy” and it is easy to a point… The expectation is that everything is that simple. However, behind the WordPress dashboard are PHP, CSS, and JavaScript code files that connect to a MySQL database.” Code Poet ~ Locking Down WordPress Updates to latest version Your WordPress…
”We sell WordPress as “easy” and it is easy to a point… The expectation is that everything is that simple. However, behind the WordPress dashboard are PHP, CSS, and JavaScript code files that connect to a MySQL database.” Code Poet ~ Locking Down WordPress What are the disadvantages of upgrading…
”We sell WordPress as “easy” and it is easy to a point… The expectation is that everything is that simple. However, behind the WordPress dashboard are PHP, CSS, and JavaScript code files that connect to a MySQL database.” Code Poet ~ Locking Down WordPress Why should you let us do…
”We sell WordPress as “easy” and it is easy to a point… The expectation is that everything is that simple. However, behind the WordPress dashboard are PHP, CSS, and JavaScript code files that connect to a MySQL database.” Code Poet ~ Locking Down WordPress Why should you upgrade WordPress? WordPress…
Infected code is loaded onto computers from the internet via the web browser, often unknown to the user, when they visit an infected website. These malware programs change browser settings, alter system files and create new default webpages. Typically, malware collects personal information or renders computer unusable. Several malware programs…
name: DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) officially announced: March 2016 what: DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the…
WordPress sites are notoriously lacking when it comes to security. Be it due to an insufficient security expertise of the developer, or the use of one of the many FREE plugins available (of which the security cannot be guaranteed). With WordPress running on 1 in 5 sites on the internet,…
