Security News

Year-old flaw in popular WordPress plugin still actively exploited (Help Net Security)
2015-05-06 15:08

Sucuri Security researchers have discovered yet another malicious campaign redirecting users to sites hosting exploits. As per usual, the attackers are mostly leveraging vulnerabilities in WordPress p...

Flaws in WordPress eCommerce Plugin Expose Over 5,000 Websites (SecurityWeek)
2015-04-30 17:20

Several vulnerabilities identified in TheCartPress WordPress plugin (SC Magazine)
2015-04-29 22:12

New vulnerability in WordPress identified (IT Toolbox Blogs)
2015-04-29 20:13

WordPress Ecommerce Plugin Vulnerability Details Disclosed (Threatpost)
2015-04-29 18:28

Details on a number of unpatched vulnerabilities in a popular WordPress ecommerce plugin called CartPress were disclosed.

5,000+ e-commerce sites at risk due to buggy WordPress plugin (Help Net Security)
2015-04-29 15:07

A popular WordPress e-commerce plugin that is actively used on over 5,000 websites contains high-risk vulnerabilities that can be exploited to compromise customers' data, execute arbitrary PHP code, a...

WordPress Rushes to Fix Critical Zero-Day Vulnerability (SecurityWeek)
2015-04-28 22:48

WordPress Patches Critical Flaw (April 27, 2015) (SANS Newsbites)
2015-04-28 22:48

WordPress Patches Zero-Day Vulnerability (Threatpost)
2015-04-28 17:12

WordPress quickly turned around a patch for a stored cross-site scripting zero-day vulnerability in the CMS' core engine.

Stored XSS bug in WordPress, researchers advise to disable comments (SC Magazine)
2015-04-27 21:48