security

WordPress 4.2, released last week, has a new zero-day security vulnerability. WordPress is now working on a patch but there is no ETA as yet. More details from Sucuri here. The problem is: “An attacker could leverage a bug in the way comments are stored in the site’s database to insert malicious scripts on your […]

This week’s WordPress and web marketing links. Concerned about WordPress security? Stay updated and use strong passwords – that’s most of the battle. See what Matt Mullenweg had to say about security recently in Quora. How to build a Classified Advertising site in WordPress. A review and tutorial for the commercial plugin WPAdverts. How to […]

How safe is WordPress

In light of the security problems found (and fixed) last month in a couple of popular plugins, I thought this was a timely topic. Two very popular plugins used by clients and that I use myself are WordPress SEO by Yoast and Google Analytics by Yoast, both, as it turns out, from Yoast. These are great plugins; […]

A security problem was found on March 18th in the popular plugin Google Analytics by Yoast.  This plugin has been downloaded nearly 7 million times according to statistics at the Yoast website. There were no reports of hacks using the security loophole, and Yoast responded quickly and got a fixed update ready for release  on […]

A security problem was found in the very popular Fancybox for WordPress on February 4 that led to many infected websites. The plugin was removed from the WordPress.org plugin repository temporarily until the plugin developer released a new version that patched the security issue on February 7. If you’re using this plugin, make sure you update […]