Guess what? Unless your site is hosted by one of 11 specific web hosts, it's time to patch your WordPress installation again! Netsparker researchers have recently unearthed a vulnerability affecting one popular theme installed by default in all WordPress installations, and which can be exploited by attackers to take control of vulnerable WP sites.
Sucuri Security researchers have discovered yet another malicious campaign redirecting users to sites hosting exploits.
A popular WordPress e-commerce plugin that is actively used on over 5,000 websites contains high-risk vulnerabilities that can be exploited to compromise customers' data, execute arbitrary PHP code, and perform Cross-Site Scripting attacks against users of WordPress installations, claim High-Tech Bridge researchers.
WordPress users should update as soon as possible, as the latest release (4.1.2) plugs a critical cross-site scripting vulnerability that could allow anonymous users to compromise their site.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.