16 Oct

Is This Another Case of a Malicious Takeover of a WordPress Plugin?

In our previous post we noted how we had found that the plugin Facebook Like Box had recently had a cross-site request forgery (CSRF) related vulnerability fixed. In looking over what else had recently been done with the plugin we noticed in the previous release one of the changelog entries was “Fixed Security Bugs”. Looking at the [Read more]

16 Oct

Vulnerability Details: Cross-Site Request Forgery (CSRF)/Settings Change Vulnerability in Facebook Like Box

This Vulnerability Details post about a vulnerability in the plugin Facebook Like Box provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view [Read more]