Anatomy of a Shortcode with its Flaws
During my research in free extensions, or during code audits ordered by customers, I find from time to time things so simple to correct and yet so devastating that I wanted to show you one, a beautiful one.
Discover our tips about WordPress security
Flaws and vulnerabilities are constantly being found on the web. It's important to stay informed to avoid some nasty surprises when you own a website. Find out about some famous flaws, their impact, their discovery and the patches created to fix them.
iThemes Security has been a well-known security plugin in the WordPress community for years. One week ago we discovered a security issue in its “Hide Backend” module that leaks the hidden login page. This bypass vulnerability has been patched in 7.9.1; update if you’re using it.
This post is a response to Yoast at https://yoast.com/wordpress-security/. Yoast has been an SEO company in the WordPress ecosystem for 10 years now. They are professionals without any doubt, but for SEO purposes, not for security. After reading that particular and recent post of theirs, I had to answer and fix the issues. Some […]
Reflected XSS in Newspaper, a famous theme from TagDiv on ThemeForest, with about 95,000 sales.
WPS Limit Login is published by WP Serveur, a French WordPress host. The criticality level for this update is high.
This website is published by 21(douze).
Registered office:
26, rue Montgolfier
62510 Arques - France.
SIRET
523 133 189 00010
Email
contact@secupress.me
Hosted by o2switch
222 Boulevard Gustave Flaubert
63000 Clermont-Ferrand
France