Million-Plus WordPress Sites Exposed by Vulnerable Plugin

The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk. Continue reading Million-Plus WordPress Sites Exposed by Vulnerable Plugin

WordPress Patches SOME, XSS Flaws in Version 4.5.2

WordPress has issued a security release, patching a SOME vulnerability in Plupload, and a reflected cross-site scripting bug in MediaElement.js. Continue reading WordPress Patches SOME, XSS Flaws in Version 4.5.2