djbaxter

Administrator
Administrator
Moderator
Joined
Jun 28, 2012
Messages
3,522
Reaction score
1,670
Millions of WordPress Websites Affected By Plugin Vulnerability
by Matt Southern, Search Engine Journal
May 6, 2015

Web security firm Sucuri has reported on the discovery of a WordPress plugin vulnerability affecting any site that uses the genericons package.

At this time, the JetPack plugin (installed on over 1 million sites) and the TwentyFifteen theme (installed by default) have been identified as vulnerable. Apparently, any plugin is potentially vulnerable if it includes the example.html file that comes with the genericons package.

That being said, the simple fix to protect yourself from this vulnerability is to remove the example.html file from the genericons package, which is unnecessary to begin with.

Read more...
 

djbaxter

Administrator
Administrator
Moderator
Joined
Jun 28, 2012
Messages
3,522
Reaction score
1,670
Note:

Even if you're not using the TwentyFifteen theme, the security risk of an unpatched version may still be present. The theme is installed by default and an update is already available.

As a general rule, it is best practice to delete any WordPress themes and plugins you're not using to avoid unnecessary security vulnerability issues.
 
Similar threads
Thread starter Title Forum Replies Date
djbaxter Millions of users affected by malicious Edge and Chrome browser extensions Websites, Software, and Security 1
djbaxter CAA bug revokes 3 million Let's Encrypt certificates Websites, Software, and Security 0
JoyHawkins 4-Star Fake Review Issue - Over 2.3 Million Fake Ratings on Google Local Reviews 32
J Facebook?s Places Graph makes 140 million locations available to developers Mobile & Social 4
Linda Buquet Terrible Fake Trump Business Reviews could cost the #Trump Empire $100 Million. SAD! Local Reviews 2
JoyHawkins Google sent out over 4.3 Million Manual Penalties in 2015 Organic SEO 3
djbaxter Google Ranking Factors: Results from a Million Search Results Organic SEO 6
Linda Buquet Locksmith Sues Google for Millions for Spam/Fake Local Listings Google My Business & Google Maps 9
Linda Buquet Groupon Launches Business Directory with Millions of Small Business Listings Local Search 5
HurricaneK8 "Google to Buy Satellite Service Skybox for $500 Million to Improve Maps" Google My Business & Google Maps 0
Linda Buquet From Potato Seller to Million $ Local Search Agency Consultant's Corner 4
rich_marlatt What Wordpress plugins do you recommend for SEO and Schema Markup? Ask a LocalU Expert [PRIVATE] (LocalU) 5
djbaxter WordPress: Contact Form 7 File Upload Vulnerability Websites, Software, and Security 0
djbaxter WordPress: The NoneNone Brute Force Attacks: Currently Active Websites, Software, and Security 0
djbaxter New features in WordPress 5.6 Websites, Software, and Security 0
djbaxter PHP 8: What WordPress Users Need to Know Websites, Software, and Security 0
djbaxter Speed Test for WordPress sites Websites, Software, and Security 1
djbaxter New WordPress Toolkit from cPanel Websites, Software, and Security 0
djbaxter Facebook & Instagram embeds on WordPress will break soon Websites, Software, and Security 1
djbaxter WordPress 5.5 update breaks plugins: Here’s the fix Websites, Software, and Security 6
Andrew Scherer Hacking QDF with WordPress Plugins Local Content 2
djbaxter Bing URL Submissions Plugin For WordPress Websites, Software, and Security 2
A What Wordpress Website Builder & Theme do you use? (Page speed in mind) Organic SEO 4
A What Wordpress Speed Optimizing Plugins do you use? Websites, Software, and Security 7
djbaxter WordPress Sites Targeted in Large-Scale Attacks Websites, Software, and Security 0
C Don’t we all want to develop fast websites? WordPress fastest page speeds using background images <srcset>, <img>, <picture>, @media, @2x retina Websites, Software, and Security 0
djbaxter Ninja Forms WordPress Plugin: High Severity Vulnerability Patched Websites, Software, and Security 0
djbaxter Test your Contact Form 7 on WordPress sites! Recycle Bin 4
djbaxter Critical security flaw in WordPress Jetpack plugin Websites, Software, and Security 0
djbaxter Site Kit by Google WordPress plugin Websites, Software, and Security 11
djbaxter WordPress Rich Reviews Plugin Under Active Attack Websites, Software, and Security 1
djbaxter Malicious WordPress Redirect Campaign Attacking Several Plugins Websites, Software, and Security 1
P New wordpress website Websites, Software, and Security 5
Chris Ratchford Anyone familiar w/ Advanced Custom Fields (for WordPress)? Consultant's Corner 6
brettmandoes Speed Plugin for WordPress sites Websites, Software, and Security 19
Jo Shaer Auto publishing from Wordpress blog to GMB post Google My Business & Google Maps 5
D Google Reviews Widget for WordPress Recycle Bin 0
djbaxter Security vulnerability in WordPress Slick Popup Plugin Websites, Software, and Security 1
djbaxter Stay current with the latest WordPress and Plugins Security Issues with this newsletter Websites, Software, and Security 0
djbaxter Urgent! Serious Security Threat Found in WordPress Plugin Yuzo Related Posts Websites, Software, and Security 1
djbaxter Grammarly Adds Junk Code to WordPress Posts and Pages Websites, Software, and Security 4
djbaxter Vulnerabilities in Two WordPress Plugins Websites, Software, and Security 2
djbaxter WordPress 5.1.1 Patches Critical Vulnerability: Update now Websites, Software, and Security 0
R Free Webinar: Wix, Weebly, Squarespace and WordPress - Which Is Best? Events 0
JoyHawkins Who is Switching to Wordpress 5.0? Websites, Software, and Security 13
djbaxter Google WordPress Plugin to Integrate Analytics, Search Console, AdSense, PageSpeed Websites, Software, and Security 4
Dan Foland Has anyone else been experiencing a rise in Brute Force attacks on WordPress recently? Websites, Software, and Security 4
djbaxter WordPress Alert: PHP 5.6 and 7.0 reach EOL December 2018 Websites, Software, and Security 2
Josh Gill New Wordpress Plugin to Manage GMB Posts Google My Business & Google Maps 12
P Broadband provider blocks wordpress site: Effect on SEO / local search? Local Search 2

Similar threads

Login / Register

Already a member?   LOG IN
Not a member yet?   REGISTER

Most UpVoted Answers

Trending: Most Viewed

LocalU Podcasts

  Promoted Posts

New advertising option: A review of your product or service posted by a Sterling Sky employee. This will also be shared on the Sterling Sky & LSF Twitter accounts, our Facebook group, LinkedIn, and both newsletters. More...
Google Product Exert


Top Bottom