security

Considering all of the security talk of the past week, I figured the poll question ought to deal with the subject. Plain and simple, do you think WordPress is secure? Let’s talk about it.

Over the weekend, news quickly spread throughout the WordPress community of a worm that was taking advantage of older versions of WordPress. I found out about the problem through Lorelle’s twitter account where she linked to an article on her blog covering the details of the attack. Mark Ghosh of (more…)

Were you surprised to see WordPress 2.8.3 released? I was, but I didn’t think it would be because of the same security related issue that 2.8.1 was supposed to address. I thought 2.8.3 was released as a bug fix version as a few annoying bugs have popped up that were (more…)

John Kolbert who authors a few different WordPress plugins has released an update to Absolute Privacy. The new update now allows XML-RPC protocols such as the iPhone App and also prevents subscribers from reaching any of the administration pages. Absolute Privacy provides a wealth of options for those wanting to (more…)

QuickOnlineTips.com has a list of what they believe to be the best nine security plugins to use with WordPress. Some of the usual suspects have made the list such as WP Security Scan. I’m not sure if it’s good to mention this or not, but I don’t use any of (more…)

Unfortunately, I bet this is a common question. I should browse the WordPress.com forums to see how many people are inquiring about the recent security upgrade. I have read that there is an important security update for the WordPress blogging software. Do I need to upgrade my blog www.anopensource.wordpress.com, if (more…)

After the security vulnerability kerfuffle that I reported on the other day regarding my beloved contact form 7 plugin, the plugin author has released an update which contains the necessary security fixes. Based on the changes, we can see that the security problem lied within the fact that the previous (more…)

Yesterday afternoon, I was pretty shocked to see a message over twitter from Mark Jaquith announcing that the WP Contact Form 7 plugin had a security vulnerability in it which was being exploited and that anyone using the plugin should uninstall it immediately. Contact Form 7 is a popular plugin. (more…)