PC World

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability. WordPress version ...
Threat Post

WordPress XSS Bug Allows Drive-By Code Execution

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. A just-patched stored cross-site scripting (XSS) vulnerability in WordPress allowed drive-by remote ...
IT News For Australia Business

WordPress upgrades to fix malicious code execution

Developers have released an updated version of WordPress after hackers compromised the popular blog-publishing tool, opening the door for remote code execution. Attackers manipulated the code of ...
Threat Post

Joomla and WordPress Found Harboring Malicious Redirect Code

New .htaccess injector threat on Joomla and WordPress websites redirects to malicious websites. Security researchers are warning owners of Joomla and WordPress websites of a malicious redirect script ...
TechCrunch

Hacker Gains Access To WordPress.com Servers, Site Source Code Exposed

WordPress.com has revealed that someone has gained root-access (“low-level,” as in deep) to several of its servers this morning and that VIP customers’ source code was accessible. WordPress.com VIP ...
Searchenginejournal.com

WordPress 5.3 Adopts Rel UGC Nofollow Link Attribute

Any WordPress plugin that is involved with user generated content and links may have to update their code in order to support the new code. The WordPress announcement did not specify if plugins using ...
IT News For Australia Business

WordPress upgrades to fix flaw that allows malicious PHP code execution

Developers have released an updated version of WordPress after hackers compromised the popular blog-publishing tool, opening the door for remote code execution. Attackers manipulated the code of ...