IT Security NEWS
03 May 2009
WordPress vulnerable to security attacks
You think your WordPress blog is all safe?
Not anymore.
A major security threat to WordPress has just been identified. The blogging software is vulnerable to attacks that bypass its security measures. Bypassing these restrictions would let attackers plant malicious code on a site, leading to attacks on that website's visitors.
Once they have bypassed security, they can claim site administrator rights and install malicious code. Such code can be designed to steal visitors' login passwords as well as serve malicious “drive-by” executables. The latter can install spyware and other malicious programs on visitors' systems.
When a “backend” server application becomes vulnerable, everyone else is put at risk. WordPress is easily among the most popular blogging software online. Thanks to its powerful capabilities and range of plugins, it is the top Content Management System (CMS) choice of many; in fact, hundreds of thousands of websites use it. A handful of well-known websites use WordPress, including several anti-hacker security websites.
Because it is open source, anyone can change the code and build plugins for their own use. Although this is beneficial, whenever security fixes are released for open source server applications, all that evil minds have to do is compare the old code with the new, fixed code. It is not difficult to find the difference and take advantage of it. After WordPress released its security fix, even a kid who knows some PHP can play around with the weakness.
To make sure you're safe (and your visitors are too), you must upgrade immediately to WordPress 2.5.1.
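A way to check a server against the upgrade advice above, as an added example that is not part of the original article: it walks a web root, reads each install's `$wp_version` from `wp-includes/version.php` (the standard WordPress layout), and flags anything older than 2.5.1. The function names and the sample web root built in `demo()` are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

FIXED = (2, 5, 1)  # release the article says to upgrade to

# Matches the assignment in wp-includes/version.php, e.g. $wp_version = '2.5';
VERSION_RE = re.compile(r"""\$wp_version\s*=\s*['"]([^'"]+)['"]""")


def parse_version(text):
    """Return (raw, (major, minor, patch)) from version.php text, or None."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    raw = m.group(1)
    # Accept plain dotted numbers only; "2.5.1-beta" and similar are not
    # trusted to contain the fix and fall through to manual review.
    if not re.fullmatch(r"\d+(?:\.\d+)*", raw):
        return None
    parts = [int(p) for p in raw.split(".")]
    parts += [0] * (3 - len(parts))  # "2.5" compares as 2.5.0
    return raw, tuple(parts[:3])


def audit(root):
    """Map each WordPress directory under root to (version, needs_upgrade)."""
    results = {}
    for vfile in sorted(Path(root).rglob("wp-includes/version.php")):
        site = str(vfile.parent.parent.relative_to(root))
        parsed = parse_version(vfile.read_text(errors="replace"))
        if parsed is None:
            results[site] = ("unknown", True)  # cannot confirm: review by hand
        else:
            results[site] = (parsed[0], parsed[1] < FIXED)
    return results


def demo():
    """Build a constructed web root with three sample installs and audit it."""
    samples = {"blog-a": "2.5", "blog-b": "2.5.1", "blog-c": "2.3.3"}
    with tempfile.TemporaryDirectory() as tmp:
        for name, ver in samples.items():
            inc = Path(tmp) / name / "wp-includes"
            inc.mkdir(parents=True)
            (inc / "version.php").write_text(f"<?php\n$wp_version = '{ver}';\n")
        return audit(tmp)


if __name__ == "__main__":
    for site, (ver, stale) in demo().items():
        print(f"{site}: {ver} -> {'UPGRADE' if stale else 'ok'}")
```

To audit a real server, call `audit()` with the directory that holds the sites instead of running `demo()`.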