Multiple WP plugin vulnerabilities

Multiple WP plugin vulnerabilities

In a coordinated effort, the folks from Sucuri and Yoast have worked together to identify a security vulnerability in multiple WordPress plugins, including some of the top plugins in the repository.

Read more

WP Super Cache vulnerability

WP Super Cache vulnerability

A new security exploit has been identified in a common WordPress plugin, WP Super Cache. This plugin is an open source plugin available to WordPress users. Upgrading to the latest version 1.4.4 from within the WordPress dashboard will address this known bug and resulting vulnerability.

Read more

Security vulnerability

FREAK SSL/TLS vulnerability

A new SSL/TLS vulnerability named “FREAK” was identified by several security researchers. This threat allows an attacker to get between a client and server and view what is intended to be a secure and private communication. The vulnerability is primarily due to a bug in OpenSSL client software, but only exploitable on poorly configured web servers. Both clients and servers are at risk. Web site owners can protect their sites by properly configuring their web servers by removing affected ciphers and restarting their servers.

Read more