07 Nov

RIPS Technologies and BleepingComputer Creator Claim That Plugin’s Functionality Not Working When Disabled is WordPress “Design Flaw”

We generally avoid security journalism as it frequently involves widely misleading to flat-out falsehoods, one example of that being something we discussed just a couple of weeks ago. One of the security journalism outlets we mentioned in that post was the BleepingComputer, so when a Google news alert let us know of another story related to the security of WordPress plugins from them it wasn’t surprising that it might not be totally accurate. The title of the story is¬†WordPress Design Flaw + WooCommerce Vulnerability Leads to Site Takeover,¬†though there doesn’t appear to be a design flaw in WordPress or a site takeover that actually occurred.

[Read more]