06 May

Apparent Exploits of Vulnerability in Blog Designer Reminder of the Importance of Keeping Your WordPress Plugins Up to Date

Last Tuesday we warned about a vulnerability likely to be exploited in the plugin Blog Designer, unlike another WordPress plugin vulnerability we ran across recently in a similar situation, this one was quickly fixed and the plugin reopened on the Plugin Directory the next day (the vulnerability had been independently discovered by WebARX).

[Read more]

13 Feb

The Missing Story About WordPress Plugin Developers’ Failure To Make Sure Their Plugins Are Secure

Coverage of WordPress plugin vulnerabilities is rather poor and coverage of an authenticated option update vulnerability in the plugin Simple Social Buttons disclosed on Monday was no exception. For example, you had a security journalist that frequently spreads false and misleading information, Catalin Cimpanu, make this statement in regards to WordPress:

[Read more]