security

WP Rest API Featured Image

The WP REST API development team has released a critical security update. Rachel Baker, one of the lead developers of the WP REST API plugin says, “The release fixes a serious information disclosure vulnerability, which allowed for unpublished content and post revisions to be retrieved via the REST API.” The security vulnerability affects versions (more…)

FBI Warns of ISIL Defacement Attacks on WordPress Sites

The FBI issued a public service announcement today, warning concerning WordPress website attacks being carried out by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and al-Shams (ISIS). The perpetrators of these attacks are defacing sites across various platforms such as news organizations, (more…)

Jetpack 3.4 Adds Protection Against Brute Force Attacks

Last August, Automattic acquired Parka, LLC, the makers of the BruteProtect security tool for WordPress, with the goal of integrating its features into Jetpack. The services provided in BruteProtect Pro were subsequently offered for free. Jetpack 3.4 was released today with brute force protection available to users via a new (more…)

Pods Framework Security Release Fixes Severe Vulnerability

Last week a blind SQL injection vulnerability was discovered in Yoast’s popular WordPress SEO plugin. Given the severity of the vulnerability and the fact that the plugin is installed on more than one million WordPress sites, the security team at WordPress.org pushed a forced update to mitigate the possibility of (more…)

WordPress Weekly Featured Image

In this episode of WordPress Weekly, Marcus Couch and I discuss a lot of different stories. We share our opinions on the redesigned theme and plugin directories. We discuss CodeGuard’s survey results that indicate WordPress users need a lot more education on backup plugins, strategies, and services. Last but not (more…)

WordPress Publishes Security White Paper

As WordPress currently powers 23% of the web, the platform’s security is constantly under scrutiny. WordPress has long been a favorite target of hackers and spammers who want to get the most return on their efforts. Since the the platform powers millions of websites, a critical vulnerability with a popular (more…)