Keep Up-to-Date with WordPress Security Issues with WP Secure
The publisher of WP Secure posted on my G+ wall the other days and I liked his site so much I just thought that I should share. WP Secure is an up-to-date website containing information about WordPress security vulnerabilities.
WP Secure maintains a list of all of the latest WordPress security vulnerabilities from themes and plugins from WordPress.org. As well as listing security exploits, WP Secure has tips on security, advanced security, a server guide and security plugins.
Here are some recent security exploits:
All in One Adsense and YPN
Access to wp-content/plugins/all-in-one-adsense-and-ypn/all-in-one-adsense-and-ypn.php is not properly restricted, enabling a hacker to edit Google Adsense account details or conduct script insertion attacks.
Input passed to the “rA” POST parameter in social-slider-2/ajax.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
So add it to your RSS Reader and keep up to date with the latest security exploits.