-
VaultPress provides backup and security scanning for your WordPress-powered site.
Search Our Blog
Popular Posts
Recent Comments
Author Archives: Mark George
WooCommerce PayPal Object Injection
The fine people at Woo have released a security patch for WooCommerce, fixing a vulnerability in their PayPal notification system. The vulnerability affects WooCommerce 2.0.20 – 2.3.10 when a “PayPal Identity Token” is set. It allows attackers to remotely execute … Continue reading
White Label CMS Vulnerability
A vulnerability has been found in White Label CMS, up to version 1.5.2. The vulnerability makes it possible to inject malicious code into websites, by tricking a site administrator into clicking a specially crafted URL. A fix has been released … Continue reading
iThemes Security: Critical Security Release
iThemes have released an important security fix for their iThemes Security Plugin. This release fixes an XSS issue, which allowed potentially dangerous JavaScript to be executed while viewing the iThemes Security 404 error logs. iThemes have backported the security fix to past versions, … Continue reading
Vulnerability in WP-Slimstat Plugin
A vulnerability has been found by Sucuri in the WP-Slimstat plugin, which affects all versions up to 3.9.5. The vulnerability may allow attackers to inject SQL commands into your database, allowing them to make arbitrary changes. If you use the WP-Slimstat plugin, we … Continue reading
FancyBox for WordPress Vulnerability
A vulnerability has been discovered in most versions of the Fancybox-for-WordPress plugin. This vulnerability makes it possible for attackers to inject malicious code into affected sites. If you’re using this plugin, you should immediate upgrade to the latest version. Our security scanner … Continue reading