21 Oct 2016

Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Simply Static

The description page for the plugin Simply Static makes the case for its use based in part on the insecurity of WordPress plugins:

WordPress is used by one in four websites[1]. That makes it a prime target for hackers. There are a lot of ways that your site can be compromised, but two-thirds of all hacks are caused by vulnerabilities in WordPress plugins, themes, and core files[2]. [Read more]

11 Oct 2016

Vulnerability Details: Arbitrary File Viewing Vulnerability in Simply Static

From time to time vulnerabilities are fixed in plugins without someone putting out a report on the vulnerability, and we will put out a post detailing the vulnerability. While putting out the details of the vulnerability increases the chances of it being exploited, it can also help to identify vulnerabilities that haven’t been fully fixed (in some cases not fixed at all) and help to identify additional vulnerabilities in the plugin.


[Read more]