- Tips and Tricks
- By Catalin Cimpanu
- May 19th, 2015
How to Improve the WordPress Built-in Code Editor
Take the pain out of working with WordPress code editor
- Security
- By Ionut Ilascu
- May 11th, 2015
XSS Glitch Found in RoomCloud Hotel Booking Plugin for WordPress
Bug exploit publicly available, discloses travel info
- Security
- By Ionut Ilascu
- May 8th, 2015
WordPress Websites Targeted by Credential Leak Campaign
Users are unaware of the credential theft
- Security
- By Ionut Ilascu
- May 7th, 2015
WordPress 4.2.2 Fixes DOM-Based XSS Bug Affecting Millions of Websites
Flaw can be repaired manually, bug is exploited in the wild
- Security
- By Ionut Ilascu
- May 6th, 2015
Millions of WordPress Websites Susceptible to Hijack Attacks
Attacks recorded before the disclosure of the vulnerability
- Security
- By Ionut Ilascu
- May 5th, 2015
Admins Fail to Patch Year-Old Glitches in RevSlider, WordPress Sites Compromised
WordPress plugins and the CMS itself should be updated
- Security
- By Ionut Ilascu
- April 30th, 2015
Over 5,000 Websites at Risk Due to Buggy TheCartPress eCommerce Plugin
Proof-of-concept code has been published by the researchers
- Security Fixes and Improvements
- By Ionut Ilascu
- April 28th, 2015
WordPress 4.2.1 Patches Zero-Day Affecting All Previous Versions
Updating should be at the top of the priority list
- Security
- By Ionut Ilascu
- April 27th, 2015
WordPress 4.2 Affected by Zero-Day Stored XSS, PoC Available Updated
Most popular WordPress versions are currently affected
- Security Fixes and Improvements
- By Ionut Ilascu
- April 22nd, 2015
WordPress 4.1.2 Fixes Critical XSS Flaw
Developers address multiple security problems
- Security
- By Ionut Ilascu
- April 21st, 2015
Highly Popular WordPress Plugins Vulnerable to XSS Attacks
Admins should update all WordPress components
- Security
- By Ionut Ilascu
- April 8th, 2015
FBI Warns About ISIS-Themed Defacement, Urges WordPress Admins to Patch
Hardening WordPress and keeping plug-ins updated should be a standard procedure to avoid defacement and other threats
- Security Fixes and Improvements
- By Ionut Ilascu
- April 8th, 2015
Stored XSS Glitch in WP-Super-Cache May Affect over 1 Million WordPress Sites
Attackers can gain complete control of the website
- Security
- By Ionut Ilascu
- April 4th, 2015
WordPress, Joomla Sites Infected with Malicious Flash File
At least several hundred websites are infected
- Linux & Opensource Blog
- By Marius Nestor
- March 29th, 2015
WordPress 4.2 Beta 3 Released, Final Version Around the Corner
Over 65 changes have been included in this version
- Security Fixes and Improvements
- By Ionut Ilascu
- March 12th, 2015
CSRF and Blind SQL Injection Risks Removed in Top SEO Plug-In for WordPress
Plug-in has tens of thousands of daily downloads
- Security Fixes and Improvements
- By Ionut Ilascu
- February 25th, 2015
WP-Slimstat Wordpress Plug-in Relies on Guessable Crypto Key
An attacker would need 10 minutes to crack the key