WordPress Reinforce

By Csaba, Miklós WP Security WP SERVICES

02 Oct: WordPress protection: Core vulnerabilities September

For your WordPress protection, be informed about the latest WordPress Core vulnerabilities fixed in security release WordPress 4.8.2 from September 2017. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly…

By Csaba, Miklós WP Security WP SERVICES

01 Oct: WP Security: plugin vulnerabilities September

For your WP Security, be informed about the latest vulnerabilities in WP plugins: Participants Database Cross site scripting (XSS) reported by Benjamin Lim (https://limbenjamin.com). Exploit allows attackers to inject arbitrary Javascript via the Name parameter. immediately update to version 1.7.5.9 to fix vulnerability Display Widgets Backdoored reported by Jonas Lejon…

By Csaba, Miklós WP Security WP SERVICES

31 Aug: WP Security: plugin vulnerabilities August

For your WordPress protection, be informed about the latest vulnerabilities in WP plugins: AddToAny Share Buttons Conditional Host Header Injection reported by Paul Dannewitz. It’s possible to inject a custom Host-Header, that will be used for building the link, which is going to be shared on Social Media platforms when…

By Csaba, Miklós WP Security WP SERVICES

01 Aug: WP Security: plugin vulnerabilities July

For your WordPress protection, be informed about the latest vulnerabilities in WP plugins: WP Statistics SQL injection reported by Sucuri. Exploit allows to create an admin-level user and sign in to your WordPress as an admin. Cross-Site Scripting (XSS) reported by Dewhurst Security. Exploit allows attackers to compromise a WordPress…

By Csaba, Miklós WP Security WP SERVICES

07 Jul: WP Security: plugin vulnerabilities June

For your WordPress protection, be informed about the latest vulnerabilities in WP plugins: All-in-One WP Migration Cross-Site Scripting (XSS) reported by Twitter user @0w4ys. Immediately update to version 6.46 to fix the vulnerability. Ultimate Product Catalogue Authenticated SQL Injection reported by Twitter user @log_oscon. Immediately update to version 4.2.3 to…

1 … 12 13

02 Oct: WordPress protection: Core vulnerabilities September

01 Oct: WP Security: plugin vulnerabilities September

31 Aug: WP Security: plugin vulnerabilities August

01 Aug: WP Security: plugin vulnerabilities July

07 Jul: WP Security: plugin vulnerabilities June