Warning: TimThumb.php Vulnerability in WordPress Themes and Plugins
TimThumb.php found with zero-day vulnerability! Update Now. TimThumb is a PHP script for image cropping, zooming and resizing. This script is commonly included in many WordPress themes and plugins. Unfortunately, without removing or updating the timthumb.php script, your site is at risk of being … Read more about Warning: TimThumb.php Vulnerability in WordPress Themes and Plugins

WordPress Security Tip: Reduce Comment Spam
WordPress offers some great built-in security features for combating comment spam, but are you using them? We write blog posts in the hopes that we provide useful information to our readers and encourage them to leave a comment. However, readers do not want to leave a comment on a blog filled with … Read more about WordPress Security Tip: Reduce Comment Spam

WordPress 2011 Survey
Help improve WordPress by taking the WordPress 2011 Survey. Your answers will help the WordPress core team and others improve the software and other services offered to WordPress users. This survey is about 10 questions and will only take a few minutes of your time. Your personal information will … Read more about WordPress 2011 Survey

Google Analytics for WordPress Plugin Vulnerability Fixed
The Google Analytics for WordPress plugin was found to have a cross-site scripting (XSS) vulnerability if the track outbound clicks option was selected. This issue was found by David Whitehouse and James Slater of DavidNaylor.co.uk, who notified the developer right away. The developer, Joost de Valk, took … Read more about Google Analytics for WordPress Plugin Vulnerability Fixed

WordPress 3.2.1 Update — Maintenance Releases Fixes
WordPress 3.2.1 was released to the public on July 12, 2011. This is a maintenance release for WordPress 3.2 and all self-hosted WordPress users should update their blogs to this latest stable version as soon as possible. According to Andrew Nacin, a core developer of WordPress, Version 3.2.1 fixes … Read more about WordPress 3.2.1 Update — Maintenance Releases Fixes

WordPress 3.2 Gershwin is Released!
Happy 4th of July! Just on the heels of the WordPress 3.1.4 security release, the developers have finished the new and improved WordPress 3.2 "Gershwin", which has been released to the public and is ready for download. WordPress 3.2 is their 15th major release and comes with many improvements and added … Read more about WordPress 3.2 Gershwin is Released!

WP-phpMyAdmin Plugin Hacked — Backdoor Vulnerability
WordPress Security Alert: Hacked WP-phpMyAdmin plugin — found vulnerable backdoor. Remove it! Over the past few weeks, I have been cleaning several hacked WordPress sites for clients and found a commonality, the WP-phpMyAdmin plugin. This caught my eye because I don't see this plugin being used very … Read more about WP-phpMyAdmin Plugin Hacked — Backdoor Vulnerability

Warning: Backdoor in AddThis, WPtouch and W3 Total Cache plugins
On June 21, 2011, Matt Mullenweg reported on WordPress.org that the popular WordPress plugins AddThis, WPtouch and W3 Total Cache were found with cleverly disguised backdoors. These security vulnerabilities were discovered inside the WordPress.org repository and it is through no fault of the plugin … Read more about Warning: Backdoor in AddThis, WPtouch and W3 Total Cache plugins
