Wordpress Plug-ins ALERT!!

[jensen]

The three leading Software vulnerabilities affecting the most websites in the first quarter were the RevSlider and GravityForms plugins, followed by the TimThumb script.

If you are using WordPress and are specifically using the any of the above plug-ins PLEASE PAY ATTENTION!! Don't let your guard down on your website.

Suggestion - Have a core team who is familiar with WordPress to push out warning to members so they would be careful what plug-ins they use and what precautions they must take.

 

[Corey]

If there was a good way to educate people on this stuff I'd be happy to do it, from experience though unless something is immediately causing an issue and even then most people won't take action on it. Especially with Wordpress, people like to install 50 plugins then "set and forget" it.

We generally try to block new exploits server side with mod security and xVarnish to help take part of the responsibility away from the end users.