Disqus Vulnerability for WordPress

A Remote code execution (RCE) vulnerability has been discovered in the comment and discussion service, Disqus plugin for the plugin used in WordPress. This also allows an attacker to do as they please with the website. The vulnerability was disclosed by a security firm and only works for sites which have PHP 5.1.6 or earlier WordPress 3.1.4 or […]

WordPress Security–3.5.2 Security Update

Great to see a security update for WordPress 3.5.2 WordPress 3.5.2 Maintenance and Security Release. This release adds a number of security fixes including: Blocking server-side request forgery attacks, which could potentially enable an attacker to gain access to a site. Disallow contributors from improperly publishing posts, reported by Konstantin Kovshenin, or reassigning the post’s […]