WP Security

GDPR

06 Jun: bite-size GDPR: Processing

Processing can be any activity or set of activities performed on personal data, e.g. viewing, collecting, storing, transferring, modifying, erasing. Simply put, pretty much anything you do with your customers’ data on purpose is “processing.” GDPR Art. 4 (2): ‘processing’ means any operation or set of operations which is performed...

wp-security

14 May: WP Security: 11 plugin vulnerabilities in April 2018

For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: WP Security Audit Log Plugin Sensitive Information Disclosure reported by Colette Chamberland (https://www.defiant.com; @cjchamberland). No protection on the wp-content/uploads/wp-security-audit-log/*; which is indexed by google and allows for attackers to possibly find user information (bad login attempts). Google...

wp-security

02 Mar: WP Security: 11 plugin vulnerabilities in February 2018

For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Splashing Images Authenticated PHP Object Injection reported by Dewhurst Security. The /admin/partials/wp-splashing-admin-main.php in the wp-splashing-images plugin before 2.1.1 for WordPress allows authenticated (administrator, editor, or author) remote attackers to conduct PHP Object Injection attacks via crafted serialized...