Keep Up-to-Date with WordPress Security Issues with WP Secure

WP Secure logoThe publisher of WP Secure posted on my G+ wall the other days and I liked his site so much I just thought that I should share. WP Secure is an up-to-date website containing information about WordPress security vulnerabilities.

WP Secure maintains a list of all of the latest WordPress security vulnerabilities from themes and plugins from WordPress.org. As well as listing security exploits, WP Secure has tips on security, advanced security, a server guide and security plugins.

Here are some recent security exploits:

All in One Adsense and YPN

Access to wp-content/plugins/all-in-one-adsense-and-ypn/all-in-one-adsense-and-ypn.php  is not properly restricted, enabling a hacker to edit Google Adsense account details or conduct script insertion attacks.

Social Sliders

Input passed to the “rA[]” POST parameter in social-slider-2/ajax.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

So add it to your RSS Reader and keep up to date with the latest security exploits.