Never assume that the most known, most common, most used plugins are free of vulnerabilities, or the opposite. However, the more an extension evolves, the more it tends to “create” vulnerabilities, and to patch them, and the less a plugin evolves, the more it tends to be discovered as a vulnerable one. Let’s take a […]
WordPress Flaws and Vulnerabilities
WordPress has made some great strides in terms of security with the latest version releases. Despite all these efforts, flaws and vulnerabilities are always being discovered. It's important to keep an eye on them and make sure to install the proper security patches. Check out our articles regarding some flaws found on WordPress.
Today, Karim El Ouerghemmi discloses a critical WordPress vulnerability allowing any author, editor, administrator to delete any file of the installation, in any folder, without any tool.
Today is a spooky day for WordPress, releasing a new security fix directly related to the last vulnerability fixed in 4.8.2.
Since days, WordPress has a password reset feature allowing any user to ask for a new password. This feature contains a vulnerability which might allow an attacker to get the password reset link without even being authenticated. This kind of attack could lead to an unauthorized access on the victim’s WordPress account.
Update your website now! Yes, this is it.