Category Archives: Security

VaultPress v.1.3 includes hotfix for WordPress vulnerabilities

Today, we released an update to the VaultPress plugin (1.3) to protect against recently identified security vulnerabilities in WordPress. You can read more about those vulnerabilities and the release of WordPress 3.3.2 here. To be proactive, we pushed version 1.3 … Continue reading

Posted in Announcements, Features, Security | 2 Comments

712 Fewer Vulnerable TimThumb Scripts in Existence

We recently contacted VaultPress customers who were affected by the TimThumb image library vulnerability with instructions on how to secure their sites. As previously noted, the vulnerability allows third parties to upload and execute arbitrary PHP code in the TimThumb … Continue reading

Posted in Announcements, Security | Tagged | 7 Comments

Vulnerability Found in timthumb.php

Yesterday we learned of a vulnerability in a popular image resizing library called TimThumb, which is used in many WordPress themes and plugins. The vulnerability was first reported by Mark Maunder in a post on his blog, and has been … Continue reading

Posted in Announcements, Security | Tagged | 44 Comments

Plugin Security Scan and Fixes

Yesterday we learned of a potential security issue related to a few popular WordPress plugins. As a precautionary measure, we have scanned all VaultPress customer sites to check for the affected plugins. We were able to remotely edit and secure … Continue reading

Posted in Security | Tagged , | 4 Comments

Making the WordPress Universe Safer

Danny Dagan’s post today about an unexpected benefit of VaultPress struck a chord with us. One of the positive side effects of the work we do to scan our customers’ WordPress installations for vulnerabilities is making a number of plugins … Continue reading

Posted in Security, WordPress | 1 Comment