Tag Archives: vulnerability

WordPress: If you're not using the TwentyFifteen theme, delete it

If you are using it, be sure to update it!

#wordpress   #vulnerability  

Embedded Link

WordPress JetPack and TwentyFifteen DOM-based XSS Vulnerability | Sucuri Blog
A XSS vulnerability affects Jetpack and Twentyfifteen, both installed by default in millions of WordPress installs, caused by a flaw in the genericons package.

Google+: View post on Google+

If you currently use TheCartPress on your WordPress website, you may want to switch…

If you currently use TheCartPress on your WordPress website, you may want to switch to another cart solution. They're ending support on June 1, 2015.

For clients not already using WooCommerce, I've been moving clients to that shopping cart, which is the front-runner in WordPress shopping carts & should be supported for a long time, as they also sell solutions that are compatible with their free shopping cart.

#wordpress   #vulnerability   #ecommerce  

Embedded Link

WordPress e-commerce plug-in puts over 5,000 websites at risk | Networks Asia
Unpatched flaws could allow attackers to take control of websites running a WordPress plug-in called TheCartPress.

Google+: View post on Google+

WordPress – Vulnerability Alert

If you have a WordPress site, please take a moment to check your plugin directory to see if you have a folder called "revslider". If you do, please make sure that plugin is updated. Envato is offering the update for free download & can be accessed through a link from an Envato page that links from the attached article. (Link: http://codecanyon.net/item/slider-revolution-responsive-wordpress-plugin/2751380 )

The old Revolution slider 4.1.x plugin has a vulnerability. is a premium plugin that is used in many for-purchase themes. Unfortunately, it won't request to be updated if it was installed via a premium theme, so it's up to us to ensure our sites are safe.

#wordpress   #vulnerability   #revolution   #revolutionslider   #update  

Embedded Link

Report: Mysterious Russian Malware Is Infecting 100,000+ WordPress Sites
A Russian malware called SoakSoak has infected over 100,000 WordPress sites since this Sunday, turning blogs into attack platforms. It’s a potential shitshow, and it could’ve been prevented earlier this fall.

Google+: Reshared 1 times
Google+: View post on Google+

"Infinite WP" WordPress plugin vulnerability notice

For anyone using the Infinite WP WordPress plugin, make sure you've updated your plugin so this vulnerability is no longer present on your site.

#wordpress   #plugin   #vulnerability   #infinitewp   

Embedded Link

Vulnerability found in Infinite WP WordPress client
A Sucuri researcher found a vulnerability that could allow a malicious attacker to take over a users sites and put them into maintenance mode.

Google+: View post on Google+

Note: Keep your WordPress (and Drupal) software updated!

Here's another vulnerability that we all must take seriously. Both WordPress and Drupal have initiated a patch to block this attack, so please make sure to update your WordPress (and Drupal) software to protect your site and the server you're on.

#wordpress   #vulnerability   #dos   #update  

Embedded Link

Major Security Vulnerability in WordPress, Drupal Could Take Down Websites
If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.

Google+: Reshared 1 times
Google+: View post on Google+