Internet giant Google is going to be getting really serious about sites that do not use encryption in the very near future. The next version of Google’s Chrome browser (version 56) is due to be released in early 2017, and it will take a bold step in trying to get site owners to secure their websites. At the moment if … Read More
Vulnerability in User Role Editor – Users Can Become Admins
There is a major vulnerability in a popular plugin with over 300,000 active installs: User Role Editor 4.24 and older. The vulnerability allows any registered user to gain administrator access. For sites that have open registration, this is a serious security hole. If you are running User Role Editor, upgrade to the newest version which is 4.25 immediately. Looking at a diff … Read More
3 Severe Plugin Vulnerabilities Fixed in the Last 24 Hours
The following three plugins contain severe vulnerabilities that have all been fixed within the past 24 hours. Details of these vulnerabilities have been released to the public so they are likely already being exploited. If you use any of these plugins, upgrade immediately. Please share with the larger WordPress community. WooCommerce Store Toolkit Plugin (A plugin for WooCommerce made by Visser Labs, not … Read More