WordPress Security Threats – Dec/2012

December’s round-up of WordPress security threats. If you have one of these plugins, make sure you’ve updated to a new version that has the vulnerability fixed, or disable the plugin immediately.

If you feel you may have been hacked, use the malware and virus scanner by Sucuri.

Sucuri Coverage

Packet Storm Coverage

WordPress Security Analysis – Dec/2012

December was a relative lite month, however there were a few serious exploits which you need to pay attention to.

The few items that stand out to me are the BuddyPress XSS, 3.4.2 failed session exploit, and the TwentyTen shell upload exploit. While some of these can only occur under rare conditions, it’s still worth pointing them out and ensuring that you are up to date with all security fixes.

via Packet Storm and the Sucuri Research Blog


Leave a Reply

Your email address will not be published. Required fields are marked *