WordPress 5.1 Dropped Last Week WordPress vulnerabilities in WP Core through version 5.0.3 have been published by US-CERT. One allows a Path Transversal in the wp_crop_image() variable. This flaw has been present in WordPress for a long time. If you’ve made the jump to 5.0, please update to 5.1 right away. If you’ve not made […]
January 28th is Data Privacy Day! Data Privacy Day (DPD) will be held on January 28th, 2019. It is an annual effort to promote data privacy awareness and education. DPD 2019 is sponsored by the National Cyber Security Alliance (NCSA), focus around the theme, A New Era in Privacy. The NCSA Stay Safe Online website will feature
Another week gone and more WordPress vulnerabilities to report. See US-CERT Bulletin (SB18-064) for more information. This week it’s two VERY popular plugins (1M active Installations), both of which I use on almost all of my websites. The first is iThemes Security. The plugin versions before 6.9.1 for WordPress do not properly perform data escaping for
In a never-ending quest to get webmasters to think about WordPress security, here is the latest update from the U.S. Dept. of Homeland Security’s National Cyber Awareness System. There were five new vulnerabilities discovered in four plugins in the WordPress ecosystem over the past couple of weeks. They are all cross-site scripting (XSS) WordPress vulnerabilities.
We value your privacy and NEVER share email addresses
Call now!
