Apr 28th Security Advisory: Critical WordPress XSS/RCE Vulnerability

Critical WordPress 0day Exploit in the WildThe third security advisory for WordPress this month, but much more severe, hit the internet with the release of a 0day exploit carrying the potential for complete website compromise. The exploit proof of concept was publicly disclosed late Sunday evening which resulted in a flare of attacks across the ... Read More »

Apr 22nd Security Advisory: Magento Critical Remote Code Execution

URGENT Magento Vulnerability now in the wildResearchers recently discovered a critical Remote Code Execution vulnerability in the Magento platform which affects both the Enterprise and Community Editions as well as all versions which can lead to a complete system compromise including credit card information and other financial and personal data. ... Read More »

Apr 21st Security Advisory: WordPress XSS Vulnerabilities Affecting Many Plugins

Recently it was discovered that many WordPress plugins are vulnerable to cross-site scripting exploits because of a mis-use of commonly used WordPress functions. So far a short list of popular plugins have been confirmed as vulnerable: Jetpack WordPress SEO Google Analytics by Yoast All In one SEO WP E-Commerce WPTouch Download ... Read More »

Apr 8th FBI Issues WordPress Vulnerability Warning

Tuesday the FBI issued a warning to all WordPress Operators that recent vulnerabilities are being widely exploited and you should ensure all WordPress installations are up-to-date as well as any plugins they may utilize. Researchers continue to identify WordPress Content Management System (CMS) plug-in vulnerabilities, which could allow malicious ... Read More »