WordPress Plugin Security & Open Forum

Plugins are used to not only infiltrate your site, but to insert malicious code into your site. 

It’s done covertly and without your knowledge.

A recent investigation conducted concluded that 73{f60a19ca4822ea5083709910a03c8f9e50ac3abaf19315a89f25f66a4b2e306d} of the 40,000 most popular websites that use WordPress software are vulnerable to attack.

In June 2013, checkmarx research labs ran multiple security scans against the source code of the most popular WordPress plugins.

The result? More than 20{f60a19ca4822ea5083709910a03c8f9e50ac3abaf19315a89f25f66a4b2e306d} of the 50 most popular WordPress plugins are vulnerable to the most common Web attacks, such as SQL injection.

In total *8 million venerable WordPress plugins* were downloaded. 

*What is SQL injection?* 
In short, SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

I have created a short 5 minute introduction presentation on the vulnerability of WordPress, please take the time to watch this (http://goo.gl/D80iiH)

According to By Daniel Cid on April 10, 2014 The Jetpack team just released a critical security update to fix a security vulnerability in the Jetpack WordPress plugin.

The vulnerability allows an attacker to bypass the site’s access control and publish posts on the site. All versions of JetPack since October, 2012 (Jetpack 1.9) are vulnerable, and all users should update to version 2.9.3 ASAP.

Jetpack is a very popular plugin for WordPress with almost 10 million downloads, so the impact of such vulnerability can be very big if users do not update.

*Let me introduce our guests:* 

*Ashley Faulks*
He is an Aussie Web Designer living in Switzerland. He spends a lot of time blogging, podcasting and helping businesses grow online.

He is the founder of  MadLemmings.com.

Ashley has been developing web applications for the last 12 years has certainly expanded my knowledge of the web.  But there is still so much more to learn.  Technology never rests!  

Aside from the web, I also spend a lot of time outdoors either hiking, mountain biking, skiing or traveling. In fact as an Aussie living in Europe, my traveling has become my life.

*Zara Altair*

She is the Host of the Midweek Zap (HOA)  

She also owns Actation Now! She is an online marketing specialist focused on helping you with your Google presence. She offers training and resources to help online marketers make wise choices to get noticed on the web to generate leads and income.

Leave a Reply

Your email address will not be published.