Webmasters still using the deprecated WP Marketplace WordPress plugin should update to a new e-commerce utility as soon as possible, and remove the plugin from their sites in order to avoid having their servers compromised. The reason for this
Yoast SEO v3.2.4 and earlier versions have a security vulnerability that can give people access to your SEO settings. WordPress and Yoast SEO users: If you do not have the most recent version of the Yoast SEO plugin, grab it now. Last Friday, it
How do I choose whats good and whats not so good in plugins?
Once you have finally made a decision on the focus of your website and are ready to set up your WordPress install, it’s time to decide on the theme that you will be using and select a series of plugins in order to build upon the core
There is a critical vulnerability in WordPress’ Gwolle Guestbook plugin, which has over 10 000 active installations globally. The vulnerability was uncovered by IT security company High-Tech Bridge’s research team last week.
David V Blog, Great Plugins, Security, Vulnerabilities, Wordpress
After a few critical bugs were recently discovered and patched in the core WordPress engine—a rarity with WordPress-related security issues—order has apparently been restored with the discovery of a critical vulnerability in a popular plugin.
Developers release update to close XSS holes in 17 plugins.
More than a dozen WordPress plugins have been updated to patch vulnerabilities that allow attackers to inject potentially dangerous commands into the browsers of people visiting trusted websites. Administrators responsible for WordPress sites
WordPress is introducing more powerful analytics with a new tool called Insights. The main new feature is the ability to tell you what times and days your website is most popular, for example 9:00AM and Tuesdays. One neat tool for independent
The Yoast WordPress SEO plugin, which has been downloaded more than 14 million times, has a serious cross-site scripting vulnerability that can allow an attacker to force a vulnerable site to execute arbitrary HTML code. The bug may have been