When I want to share sensitive data or when I ask a client to share sensitive data, I use a service to do the job, a service called RevealIt.me. This free service was made by a an ex-coworker, it works fine, I trust him so everything was OK. Then one day on Slack someone (also […]
This post is a response to Yoast at https://yoast.com/wordpress-security/. Yoast is a SEO company in the WordPress ecosystem since 10 years now. They are professionals without any doubts, but for SEO purposes, not for Security. After my read on that particular and recent post from them, I had to answer and fix the issues. Some […]
Reflected XSS in Newspaper, a famous theme from TagDiv on themeforest, with about 95,000 sells.
Never assume that the most known, most common, most used plugins are free of vulnerabilities, or the opposite. However, the more an extension evolves, the more it tends to “create” vulnerabilities, and to patch them, and the less a plugin evolves, the more it tends to be discovered as a vulnerable one. Let’s take a […]
WPS Limit Login is edited by WP Serveur, WordPress french host. Criticity level for this update is high.