by Mike | Jul 23, 2015 | TechAlert, WordPress
WordPress 4.2.3 was released today to patch a critical cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability. If...
by Mike | Mar 13, 2015 | TechAlert, TechNews, WordPress
WordPress Plugins A serious vulnerability has been discovered in the extremely popular e-commerce plugin for WordPress, “WooCommerce”. If left unpatched, a WordPress installation utilizing version 2.3.5 or earlier could be vulnerable to a SQL injection...
by Mike | Mar 12, 2015 | TechAlert, TechNews, WordPress
WordPress Plugins A serious vulnerability has been discovered in the WordPress plugin “WordPress SEO by Yoast”. If left unpatched, a WordPress installation utilizing version 1.7.3 or earlier (see all patched versions below) could be vulnerable to a SQL...
by Mike | Mar 7, 2015 | TechAlert, TechNews, WordPress
WordPress Plugins A privilege escalation vulnerability has been discovered in the WordPress plugin “MainWP Child”. MainWP Child is a plugin that works in conjunction with the WordPress management plugin, MainWP, to allow remote administration of...
by Mike | Feb 5, 2015 | TechAlert, TechNews, WordPress
WordPress Plugins A zero-day vulnerability has been discovered in the WordPress plugin “Fancy Box for WordPress”. If left unpatched, a WordPress installation utilizing version 3.0.3 or earlier could allow an attacker to install malware or other malicious...