WP-phpmyadmin WordPress plugin – Delete it now
David Dede If you are using the WP-phpmyadmin WordPress plugin, delete it now. We are seeing multiple sites getting hacked through it and we are investigating what…
Browsing Category
WordPress Security
674 posts
WordPress plugins hacked – Understanding the backdoor
If you haven’t heard about it already, yesterday three popular WordPress plugins (AddThis, WPtouch, and W3 Total Cache) had a malicious backdoor added to them…
Information Leakage on multiple WordPress themes by WooThemes
This weekend there was a post on the Full disclosure list about multiple vulnerabilities on some WordPress themes by WooThemes. This is what the message…
Links Injection on WordPress – Blackhat SEO Spam (basicpills) update
For the last few months we’ve been tracking a very large blackhat SEO spam campaign initiated by basicpills.com, and many other pharma-related domains (mostly located…
WordPress 3.1.3 available (security fixes)
If you are using WordPress, make sure to upgrade it now. The version 3.1.3 was just released with a few security fixes: * Various security…
WP-DBManager Security update (serious issue)
Just a quick note that if you are using the WordPress WP-DBManager plugin, make sure to update it as soon as possible. Old versions of…
Are WordPress users taking care of their security? State of Blog Security – Part I
Almost two years ago we published an article on the “state of blog security” (focused on WordPress) where we checked the percentage of blogs that…
WordPress 3.1.2 released – Security fixes
The WordPress team just released a new version of WordPress (3.1.2) to fix a security issue where contributor-level users were allowed to publish posts. It…
Automattic / WordPress hacked – Security incident
The guys from Automattic (WordPress) posted today a brief statement about a security incident that they suffered. Tough note to communicate today: Automattic had a…
Link injection on hacked WordPress sites – Blackhat SEO spam
The last few months we’ve been tracking, and helping webmasters affected by a very large blackhat SEO spam campaign initiated by basicpills.com, and many other…
WordPress 3.1.1 is available (security fixes)
There is a new version of WordPress available (3.1.1) that includes multiple security fixes. These are the changes according to WordPress.org: Some security hardening to…