WordPress is amazing, we can’t argue with that. It’s efficient, powerful, and functional. However, given that it is the most popular Content Management System (CMS) in use, it is also the most vulnerable CMS platform out there.

The Pingback Vulnerability – Check old campaign sites!

The WordPress Pingback vulnerability allows an attacker to use your WordPress instance as a proxy server. The vulnerability itself is pretty old, but still the reason behind many DDoS attacks. It can be used to camouflage criminal behaviour and make it appear to originate from your service or gain to internal networks.

SOLUTION: All default installations of WordPress 3. come with the vulnerable feature enabled, so we recommend you to run scans on old campaign sites to see if they are affected. If they are, make sure to reconfigure your WordPress version.

With great , come great plugins… and more vulnerabilities

Are you using the SEO plugin Yoast to increase search engine traffic? Many plugins have vulnerabilities, and Yoast has had both SQL injections and CSRF vulnerabilities in the past. This is yet another reminder of how important it is to update your plugins on a regular basis.

Source link


Please enter your comment!
Please enter your name here