Timthumb Security Vulnerability – List of Themes
David Dede The Timthumb 0-day security vulnerability is generating a lot of noise and for good reason. If you have a theme that includes TimThumb, your site…
Browsing Category
WordPress Security
680 posts
Timthumb.php Security Vulnerability – Just the Tip of the Iceberg
There has been some buzz about a zero day vulnerability found in Timthumb.php that can allow for arbitrary file uploads. Although this is a platform…
Keeping Your WordPress Themes Updated
Dre Armeda We talk a lot about keeping WordPress and the plugins you use updated. That’s great and all, but you also have to remember that it…
Python: No such file or directory – Your site is likely compromised
If you run a WordPress site and you are seeing the following error at the top of your pages: sh: /usr/local/bin/python: No such file or directory…
WordPress 3.2 and PHP support – Security effect
WordPress 3.2 is going to be released very soon and one of the biggest changes is that they will drop support for PHP4 and all…
WordPress 3.1.4 available – Time to update
If you are running WordPress, it is time to update it now. WordPress v3.1.4 was just released with security fixes for all the previous versions…
WP-phpmyadmin WordPress plugin – Delete it now
If you are using the WP-phpmyadmin WordPress plugin, delete it now. We are seeing multiple sites getting hacked through it and we are investigating what…
WordPress plugins hacked – Understanding the backdoor
If you haven’t heard about it already, yesterday three popular WordPress plugins (AddThis, WPtouch, and W3 Total Cache) had a malicious backdoor added to them…
Information Leakage on multiple WordPress themes by WooThemes
This weekend there was a post on the Full disclosure list about multiple vulnerabilities on some WordPress themes by WooThemes. This is what the message…
Links Injection on WordPress – Blackhat SEO Spam (basicpills) update
For the last few months we’ve been tracking a very large blackhat SEO spam campaign initiated by basicpills.com, and many other pharma-related domains (mostly located…
WordPress 3.1.3 available (security fixes)
If you are using WordPress, make sure to upgrade it now. The version 3.1.3 was just released with a few security fixes: * Various security…