According to reports from security experts at Wordfence, five plugins available through the official WordPress.org repository have been compromised in a... (more…)
Read more »
Thinking about bringing a premium plugin into the WordPress ecosystem. There's never been a better time. Here's what you need to think about. (more…)
Read more »
virtualpress - Create clean, isolated virtualized development instances of WordPress on your local workstation. (more…)
Read more »
A couple of days Wordpress released 5.2.4 with a few security patches. Props to J.D. Grimes who found and disclosed a method of viewing unauthenticated posts. caught my attention, but I couldn't find a public Proof of Concept, so I set out to reverse engi... (more…)
Read more »
As part of a vulnerability research project for our WordPress Security Scanner at WPcans.com, we have been auditing popular WordPress plugins looking for security issues. While auditing the WordPress plugin Loginizer, we discovered a SQL Injection vulnera... (more…)
Read more »