Tag Archives: Security

WordPress 4.3.1 Security Release

WordPress version 4.3.1 was released today, which is a security update for all previous WordPress versions. This version of WordPress addresses three issues, including two cross-site scripting vulnerabilities and a potential privilege escalation. (CVE-2015-5714). WordPress 4.3.1 also fixes twenty-six bugs! You can read the full announcement … Continue reading

Posted in General, Security | Tagged , | Leave a comment

Interview with WordPress.org’s Security Czar, Nikolay Bachiyski

At WordCamp Europe 2015 , Matt Mullenweg named Nikolay Bachiyski the first Security Czar for the WordPress project . With over 10 years of experience contributing to the WordPress project, Nikolay is a great fit and has embraced the role. … Continue reading

Posted in Community, Security | Tagged , , | 1 Comment

Vulnerability in WP Super Cache

A couple of important security updates have been released for the popular WP Super Cache plugin. The security updates fixed a vulnerability, reported by Sucuri, that allowed an attacker to introduce malicious code into the plugin’s cache file listing. Many such vulnerabilities are executed … Continue reading

Posted in General, Security | Tagged | 2 Comments

Vulnerability In The Slider Revolution Plugin

Sucuri has discovered a very serious vulnerability in the ‘Slider Revolution’ plugin. All versions below 4.2 are exploitable. As the Sucuri blog post points out, this is serious. This vulnerability can allow an attacker to read any file on the … Continue reading

Posted in General | Tagged | Leave a comment

Fix for the MailPoet Plugin AKA wysija-newsletters

A vulnerability was found in the MailPoet Newsletters WordPress plugin ( known as wysija-newsletters at the WordPress.org plugin repository ). All versions below 2.6.7 of the plugin are vulnerable. We’ve deployed a hot fix to VaultPress sites running the MailPoet … Continue reading

Posted in General, Security | Tagged | Leave a comment