A vulnerability reported to WordPress in July 2016 was publicly released recently and identified as CVE-2017-8259. The vulnerability could allow an attacker to gain unauthorized access to a victim’s WordPress account.
Read More WordPress Unauthorized Password Reset Vulnerability (CVE-2017-8259)Security vulnerabilities are addressed in WordPress 4.7.2. An XSS and SQL injection vulnerability (wp_query()) were discovered and have been patched.Update your sites.
Read More WordPress 4.7.2 is Available for UpdateI had some time at lunch to kill, so I decided to see how Malware techniques were improving in the land of WordPress and free premium theme download sites. Enter the Darknet. A simple Google search got me a theme ZIP file pretty quickly. Now, it was time to see what malicious happenings this thing…
Read More Part 1: Analysis of a WordPress Malware