TimThumb.php found with zero-day vulnerability! Update Now. TimThumb is PHP script for image cropping, zooming and resizing. This script is commonly included in many WordPress themes and plugins. Unfortunately, without removing or updating the timthumb.php script, your site is at risk of being … Read more about Warning: TimThumb.php Vulnerability in WordPress Themes and Plugins
The Google Analytics for WordPress plugin was found with a XSS scripting vulnerability, if the track outbounds clicks option was selected. This issue was found by David Whitehouse and James Slater of DavidNaylor.co.uk and notified the develop right away. The developer, Joost de Valk took … Read more about Google Analytics for WordPress Plugin Vulnerability Fixed
WordPress Security Alert: Hacked WP-phpMyAdmin plugin — found vulnerable backdoor. Remove it! Over the past few weeks, I have been cleaning several hacked WordPress sites for clients and found a commonality, the WP-phpMyAdmin plugin. This caught my eye because I don't see this plugin being used very … Read more about WP-phpMyAdmin Plugin Hacked — Backdoor Vulnerability
On June 21, 2011, Matt Mullenweg reported on WordPress.org that the popular WordPress plugins, AddThis, WPtouch and W3 Total Cache were found with cleverly disguised backdoors. These security vulnerabilities were discovered inside the WordPress.org repository and it is at no fault of the plugin … Read more about Warning: Backdoor in AddThis, WPtouch and W3 Total Cache plugins
The developers of WordPress.org work proactively to provide you with safe open-source publishing software. As critical bugs and vulnerabilities are reported, the WordPress developers work diligently to fix them and release maintenance versions. They do take WordPress security seriously. For … Read more about Report WordPress Bugs and Vulnerabilities