Call a Vulnerability a Vulnerability Roger…

Call a Vulnerability a Vulnerability Roger Montii reporting for SEJ looks at an Authenticated Stored XSS vulnerability in the WPBakery Page Builder plugin. The vulnerability was discovered by Wordfence and fixed through their collaboration with WPBakery in a recent update. 🍰 Vulnerabilities happen β€” all the time, and in major plugins. Having them discovered by…
|

WordPress security release, and 4.5 development kicks off

It was the first truly busy day in WordPress core land since the release of WordPress 4.4. Two big things happened: A maintenance and security update was released inΒ WordPress 4.4.1, and the security component affected all versions back that can be auto-updated, to 3.7. WordPress 4.5 kicked off with the first meeting to discuss some…
|

WordPress zero day vulnerability on comment text patched in 4.2.1

Many readers have likely heard by now that WordPress 4.2.1 is out (and probably already patched on your installs). The patch is in response to a zero day vulnerability reported byΒ Jouko PynnΓΆnen of Klikki. WordPress 4.2.1 includes a check on the number of characters in the content of comments to prevent truncation of the comment…

End of content

End of content