WordPress 4.7.2 post mortem

A few weeks ago, WordPress released version 4.7.2 to
address several security vulnerabilities, including one critical one.
This vulnerability allowed a remote, unauthorised attack to update web pages via
the REST API. Since then, hundreds of thousands of … Read more

Similar

Hacking 27% of the Web via WordPress Auto-Update

At Wordfence, we continually look for security vulnerabilities in the third party plugins and themes that are widely used by the WordPress community. In addition to this research, we regularly examine WordPress core and the related wordpress.org systems. ...

Read more »

Moving Toward SSL – WordPress

We’re at a turning point: 2017 is going to be the year that we’re going to see features in WordPress which require hosts to have HTTPS available. Just as JavaScript is a near necessity for smoother…

Read more »