Category Archives: Security

Vulnerability Found in timthumb.php

Yesterday we learned of a vulnerability in a popular image resizing library called TimThumb, which is used in many WordPress themes and plugins. The vulnerability was first reported by Mark Maunder in a post on his blog, and has been … Continue reading

Posted in Announcements, Security | Tagged | 44 Comments

Plugin Security Scan and Fixes

Yesterday we learned of a potential security issue related to a few popular WordPress plugins. As a precautionary measure, we have scanned all VaultPress customer sites to check for the affected plugins. We were able to remotely edit and secure … Continue reading

Posted in Security | Tagged , | 4 Comments

Making the WordPress Universe Safer

Danny Dagan’s post today about an unexpected benefit of VaultPress struck a chord with us. One of the positive side effects of the work we do to scan our customers’ WordPress installations for vulnerabilities is making a number of plugins … Continue reading

Posted in Security, WordPress | 1 Comment

Rest Soundly, 3.0.4 Hotfix Deployed

‘Twas two nights before New Year’s Eve, when all through the house, not a creature was stirring, not even a mouse. That rustling sound you kept hearing was actually the VaultPress Safekeepers, busily protecting all the WordPress sites under our … Continue reading

Posted in Announcements, Security | Leave a comment

New Hotfix Released for Security Issue

We’ve issued a new hotfix via the VaultPress plugin that closes a recently identified security issue in WordPress. WordPress 3.0.3, released yesterday, fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly … Continue reading

Posted in Announcements, Security | Tagged , , | Leave a comment