Passwords

Don’t Use a Password Protection on wp-admin Folder

June 9, 2016 0 comments

On the Internets you will find many posts that explain how to use a password protection on your back-end using a auth password. There is a problem But there is one big problem with that is it will break all your and requests. In the WordPress Codex you will find a page that will explains how to implement AJAX. You’ll read […]

Read more
WordPress Flaws and Vulnerabilities

Jetpack 4.0.3 Security Patch

June 2, 2016 0 comments

Jetpack 4.0.3 just fixed a security flaw named Stored XSS. It allows a visitor to insert a shortcode containing some HTML attributes usually forbidden. The vulnerability According to Sam Hotchkiss, member of the Jetpack development team, this XSS vulnerability can be found in the shortcodes parsing method, a Jetpack’s one. A attacker could easily add some JavaScript code in your comments to hack your visitor’s […]

Read more
WordPress Flaws and Vulnerabilities

All In One WP Security & Firewall 4.0.9 Security Patch

May 12, 2016 0 comments

On May 10th 2016, All In One WP Security & Firewall patched some SQL injection detected by our team. Those flaws allow any visitor to alter DB queries. This represent a high security risk.

Read more
WordPress Flaws and Vulnerabilities

iThemes Security 5.3.6 Security Fix

April 25, 2016 0 comments

Recently around april, 19th 2016, iThemes Security got patched against a vulnerability discovered by our team, a lack of capability check, allowing any member with any role to perform an Administrator action.

Read more