Security News

Comments considered harmful: WordPress web hijack bug revealed (The Register)
2015-04-27 19:48

Klikki Oy - WordPress 4.2 Stored XSS (Reddit)
2015-04-27 18:48

Millions of WordPress sites at risk of hijack after zero-day released (ZDNet)
2015-04-27 18:48

WordPress Flaw Allows Arbitrary Code Execution via Comments: Researcher (SecurityWeek)
2015-04-27 18:48

Just-released WordPress 0day makes it easy to hijack millions of websites (ArsTechnica)
2015-04-27 18:48

WordPress Under Attack As Double Zero-Day Trouble Lands (Forbes)
2015-04-27 18:48

Details on WordPress Zero Day Disclosed (Threatpost)
2015-04-27 15:56

A Finnish researcher has disclosed details on an unpatched stored cross-site scripting vulnerability in the WordPress core engine.

WordPress vulnerable to yet another, still to be patched XSS flaw (Help Net Security)
2015-04-27 13:18

The latest WordPress version (4.2, released on Thursday) and several earlier ones are vulnerable to a stored cross-site scripting (XSS) vulnerability that can be exploited to inject JavaScript in Word...

WordPress issues critical security release (Help Net Security)
2015-04-23 13:26

WordPress users should update as soon as possible, as the latest release (4.1.2) plugs a critical cross-site scripting vulnerability that could allow anonymous users to compromise their site. This ...

Popular WordPress plugins vulnerable to XSS (Help Net Security)
2015-04-22 10:09

At least 17 WordPress plugins - and likely even more of them - have been found vulnerable to cross-site scripting (XSS) flaws that could allow attackers to inject malicious code in the browsers of the...