‘WordPress Security’ Category

Free eBook: Locking Down WordPress

9
responses
by
on
July 15th, 2012
in
WordPress, WordPress Security

The latest free WordPress eBook from Code Poet has arrived, Locking Down WordPress. This new eBook from Rachel Baker, Brad Williams, and John Ford, will show you how to secure your WordPress installation and take care of it when things get out of hand. Security should be one of your fore-most concerns with any website, and this eBook is free and available in PDF, EPUB, and Kindle formats, so get it while it’s hot!

[Continue Reading...]

WordPress 3.3.2 and 3.4 Beta 3 Released

1
response
by
on
April 20th, 2012
in
WordPress, WordPress News, WordPress Security

WordPress 3.3.2 and 3.4 Beta 3 have been released. This important security update plugs exploits in Plupload, SWFUpload, and SWFObject (three external libraries used by WordPress), as well as a few additional fixes. WordPress 3.4 Beta 3 is still not ready for prime time, but provides almost 90 fixes since the second beta release. Please do take a few swings at it on a test installation, especially if you are a plugin or theme developer. If you find any bugs, please report them, and contact the support forums if you need any help. If you’re currently running on the WordPress 3.3 branch, please update to 3.3.2 as soon as you can!

[Continue Reading...]

Free WordPress Security Webinar

No
responses
by
on
April 20th, 2012
in
WordPress, WordPress Security

iThemes will be sponsoring a free webinar on WordPress security on April 25 at 1 PM CDT. The webinar will be given by Dre Armeda of Sucuri and will cover cleaning up your WordPress site and keeping it secure. If you can’t make it, don’t worry. iThemes will be providing a recording later for viewing at your leisure.

[Continue Reading...]

Easily Find and Fix Vulnerable Instances of TimThumb

2
responses
by
on
September 7th, 2011
in
WordPress, WordPress Security

If you’re worried about the recent TimThumb security vulnerability, but haven’t had a chance to see if you’re affected, identifying and fixing vulnerable instances of TimThumb just got a whole lot easier thanks to a new plugin from Peter Butler. Now, all you need to do is install and activate this plugin, run the scanner from the new Tools -> Timthumb Scanner section in your Dashboard, and click the Fix button to repair any vulnerabilities that are found.

[Continue Reading...]

TimThumb Security Vulnerability

6
responses

A zero day vulnerability has been found in TimThumb, a popular image resizing script used by several WordPress themes. The person who discovered the vulnerability has issued a fix and instructions to detect any lingering hacks. As described on the VaultPress blog, “The vulnerability allows third parties to upload and execute arbitrary PHP code in the TimThumb cache directory. Once the PHP code has been uploaded and executed, your site can be compromised however the attacker likes.” The folks at Sucuri have constructed a great list of just a few affected WordPress themes, just to give you idea of how many themes use TimThumb. If your theme uses TimThumb, contact your theme author for an update immediately, or download the latest version if it has already been updated. If your theme author is not willing to offer an update, it’s probably time for a new theme, but you can also […]

[Continue Reading...]

Mark Jaquith on WordPress Theme and Plugin Security

4
responses
by
on
March 1st, 2011
in
WordPress, WordPress Security

If you hate to read about security, then this great presentation by WordPress Core Developer Mark Jaquith on WordPress Theme and Plugin Security from WordCamp Phoenix 2011 is just for you! The presentation is great to watch and quite educational for both WordPress users and developers.

[Continue Reading...]

WordPress 3.0.5 and 3.1-RC4 Released

9
responses
by
on
February 8th, 2011
in
WordPress, WordPress News, WordPress Security

WordPress 3.0.5 and 3.1-RC4 have been released. Both releases address three security issues and add additional security enhancements, and 3.1-RC4 fixes “about two dozen additional bugs.” Both updates are available immediately via your Dashboard, but users updating to 3.0.5 will need to update to the latest release of Akismet again. Core developer Andrew Nacin hopes to minimize “the Akismet update dance” in WordPress 3.1 and put an end to it in WordPress 3.2.

[Continue Reading...]

WordPress 3.0.4 Security Release

1
response
by
on
December 30th, 2010
in
WordPress, WordPress News, WordPress Security

WordPress 3.0.4 has been released to plug a critical security vulnerability. [It] fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.” I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well. If you’re currently testing WordPress 3.1, make sure that you upgrade to the latest nightly release to get the same security fixes.

[Continue Reading...]

WordPress 3.0.3 Security Release

18
responses
by
on
December 8th, 2010
in
WordPress, WordPress News, WordPress Security

Users are advised that WordPress 3.0.3 has just been released and is a security update. This release fixes issues in the XML-RPC remote publishing interface. This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts. If you have remote publishing enabled on your site you are urged to upgrade. You can do so easily via the built-in automatic upgrade feature. If upgrading the old fashioned way is your cup of tea here is the list of revised files … wp-includes/version.php xmlrpc.php readme.html wp-admin/includes/update-core.php

[Continue Reading...]



Obviously Powered by WordPress. © 2003-2013

page counter
css.php