Wordpress Security Alert - Widespread Plugins and Themes Vulnerability

5 replies
I know many Warriors use WordPress and might not be aware of this major vulnerability report (i.e. you might need to update your plugins and theme ASAP)...

Sucuri is reporting "XSS Vulnerability Affecting Multiple WordPress Plugins"

https://blog.sucuri.net/2015/04/secu...s-plugins.html

Envato Themes (Themeforest.com) and Plugins (Codecanyon.net) appear to be possibly affected with their announcing..."Widespread WordPress Plugins and Themes Security Vulnerability"

Widespread WordPress Plugins and Themes Security Vulnerability - Market Blog

Keep your themes and plugins updated and use best practices for security.

GOOD LUCK!



...
#alert #plugins #security #themes #vulnerability #widespread #wordpress
  • So are people actively breaking into websites or is this just a bug they happen to find?
    Signature

    I would have invented Google and Microsoft if I was born earlier.

    {{ DiscussionBoard.errors[10021585].message }}
    • Profile picture of the author twistedpixel
      You can update your wordpress software now or wait around and find out. The article claims that WP developers were notified in advance to update (prior to security warning being published)

      I figured I'd give everyone a heads up before their site is hacked.

      I had a wordpress site hacked 2 days ago that I forgot to move to a dedicated IP (and theme/plugins were not updated), it caused my main IP to get blacklisted and took a couple days to clear.
      Signature
      Looking for Affiliates to promote the "World's Best Tasting Protein Bar!" (according to customers)
      Health, Lifestyle, Exercise, etc. Publishers/List Owners get 15% for first sale and re-orders (lots of repeat sales) PM ME!
      {{ DiscussionBoard.errors[10021610].message }}
  • Profile picture of the author writeaway
    Wow, this is bad news. Hackers can scan dormant WP installations for vulnerabilities and use this XSS weakness to inject malicious code.

    Just how bad can things get? Well, they can turn your sites into SPYWARE distribution sites/attack sites. Scary stuff!
    Signature

    Want To Make More Money Online? Invest in BETTER CONTENT!
    Articles - Blogs - Authority sites - Ecommerce descriptions - Emails - Youtube video scripts - AFFORDABLE RATES!
    {{ DiscussionBoard.errors[10021618].message }}
  • Profile picture of the author twistedpixel
    Here are just some of the plugins affected (a small fraction of the thousands that could be vulnerable)

    Signature
    Looking for Affiliates to promote the "World's Best Tasting Protein Bar!" (according to customers)
    Health, Lifestyle, Exercise, etc. Publishers/List Owners get 15% for first sale and re-orders (lots of repeat sales) PM ME!
    {{ DiscussionBoard.errors[10022907].message }}
  • Profile picture of the author Xochitl Shat
    Thanks for sharing. May people are learn form this good list.
    {{ DiscussionBoard.errors[10023024].message }}

Trending Topics