6 {{ upvoteCount | shortNum }}
6 {{ upvoteCount | shortNum }}

Wordpress Security Alert - Widespread Plugins and Themes Vulnerability

by twistedpixel
5 replies
I know many Warriors use WordPress and might not be aware of this major vulnerability report (i.e. you might need to update your plugins and theme ASAP)...

Sucuri is reporting "XSS Vulnerability Affecting Multiple WordPress Plugins"

https://blog.sucuri.net/2015/04/secu...s-plugins.html

Envato Themes (Themeforest.com) and Plugins (Codecanyon.net) appear to be possibly affected with their announcing..."Widespread WordPress Plugins and Themes Security Vulnerability"

Widespread WordPress Plugins and Themes Security Vulnerability - Market Blog

Keep your themes and plugins updated and use best practices for security.

GOOD LUCK!



...
#alert #plugins #security #themes #vulnerability #widespread #wordpress
  • Profile picture of the author ProfitFromMyDomain
    So are people actively breaking into websites or is this just a bug they happen to find?
    Signature

    I would have invented Google and Microsoft if I was born earlier.

    {{ DiscussionBoard.errors[10021585].message }}
    • Profile picture of the author twistedpixel
      You can update your wordpress software now or wait around and find out. The article claims that WP developers were notified in advance to update (prior to security warning being published)

      I figured I'd give everyone a heads up before their site is hacked.

      I had a wordpress site hacked 2 days ago that I forgot to move to a dedicated IP (and theme/plugins were not updated), it caused my main IP to get blacklisted and took a couple days to clear.
      {{ DiscussionBoard.errors[10021610].message }}
  • Profile picture of the author writeaway
    Wow, this is bad news. Hackers can scan dormant WP installations for vulnerabilities and use this XSS weakness to inject malicious code.

    Just how bad can things get? Well, they can turn your sites into SPYWARE distribution sites/attack sites. Scary stuff!
    Signature
    {{ DiscussionBoard.errors[10021618].message }}
  • Profile picture of the author twistedpixel
    Here are just some of the plugins affected (a small fraction of the thousands that could be vulnerable)

    {{ DiscussionBoard.errors[10022907].message }}
  • Profile picture of the author Xochitl Shat
    Thanks for sharing. May people are learn form this good list.
    {{ DiscussionBoard.errors[10023024].message }}

Trending Topics