Podcast Episode 11: The Dave Ryan Interview
Podcast Episode 11: The Dave Ryan Interview Today we’ve published episode 11 of Think Like a Hacker. As we mentioned earlier in the week, we’ve switched to a new format beginning this week, separating the news and our interview into two episodes. In...Custom Field Suite <= 2.5.14 – Authenticated Cross-Site Scripting (XSS)
https://wpvulndb.com/vulnerabilities/9273 Source: Security FeedNinja Forms File Uploads Extension <= 3.0.22 – Unauthenticated Arbitrary File Upload
https://wpvulndb.com/vulnerabilities/9272 Source: Security FeedTomorrow is WordPress Translation Day 4
The fourth edition of WordPress translation day is coming up on Saturday 11 May 2019: tomorrow! Get ready for a 24-hour, global marathon dedicated to localizing the WordPress platform and ecosystem. This event takes place both online and in physical locations across...Podcast Episode 10: WordPress 5.2 Security Enhancements and Other News
Podcast Episode 10: WordPress 5.2 Security Enhancements and Other News Today we are pleased to bring you the tenth episode of Think Like a Hacker. We’re doing things a little different this week, separating the news and our interview into two episodes. In...
Announcing The New Website File Changes Monitor Plugin for WordPress
https://www.wpwhitesecurity.com/announcing-new-website-file-changes-monitor-plugin-wordpress/We have been toying with the idea of developing a WordPress file integrity scanning and monitoring plugin for quite some time. However, we did not want to develop just another...
Persistent XSS via CSRF in WP Meta and Date Remover
http://feedproxy.google.com/~r/sucuri/blog/~3/nGpaZYx5BGU/persistent-xss-via-csrf-in-wp-meta-and-date-remover.html During regular research audits for our Sucuri Firewall (WAF), we discovered a Cross Site Request Forgery (CSRF) leading to a persistent Cross Site...