WordPress 4.7.2 post mortem

A few weeks ago, WordPress released version 4.7.2 to
address several security vulnerabilities, including one critical one.
This vulnerability allowed a remote, unauthorised attack to update web pages via
the REST API. Since then, hundreds of thousands of … Read more

Read full article

Similar

WordPress moving away from React due to patents clause

Big companies like to bury unpleasant news on Fridays: A few weeks ago, Facebook announced they have decided to dig in on their patent clause addition to the React license, even after Apache had sa… (more…)

Troubleshooting WordPress for Sysadmins

Problems with Wordpress installations are common and system administrators are often required to fix them. In this blog article, we will go through a number of basic troubleshooting steps that address the most frequent issues. (more…)

WordPress Core (4.74 or lower) Potential Unauthorized Password Reset (0day)

A playground & labs For Hackers, 0day Bug Hunters, Pentesters, Vulnerability Researchers & other security folks. Learn, share, pwn. (more…)

Page Builder by SiteOrigin Vulnerabilities Expose 1M WordPress Sites

Two vulnerabilities were reported in Page Builder by SiteOrigin, which is a very popular WordPress plugin installed on more than 1 million websites. (more…)

Full-Site Hacking on WordPress

Learn how to visually edit everything using Tharzen on WordPress... (more…)

Latest News

Tetrisly Design System React for Free

Mistral AI only hiring female AI researchers

Practical suggestions for building intuition around Rust borrow errors