01 Aug

What Happened With WordPress Plugin Vulnerabilities in July 2017

If you want the best information and therefore best protection against vulnerabilities in WordPress plugins we provide you that through our service.

[Read more]

19 Jul

Cross-Site Request Forgery (CSRF)/Settings Change Vulnerability in Share Buttons by AddThis

We recently found that the plugin Share Buttons by AddThis had a cross-site request forgery (CSRF)/settings change vulnerability. When setting the plugin’s settings by clicking the Save Options button on the plugin’s settings page proper protection against CSRF exist, but it doesn’t for an alternate method when the plugin is set be controlled from “AddThis.com”.

[Read more]