That theme you just bought may not be safe
We’ve all been there. You create a new site and don’t have time to design your own theme for it. You go to either Google or one of the many available theme purchasing sites and buy a theme for your site and voila, all done. But not all themes are safe, even the ones from…
All Your Contact Forms Are Belong to Us: Critical Vulnerability Found in PHPMailer
Dawid Golunski found a big vulnerability in PHPMailer. Essentially, the sender data isn’t sanitized in PHPMailer versions before 5.2.18. More details at Wordfence. The 4.7 version of WordPress has PHPMailer in its core in /wp-includes/class-smtp.php.
Good Bootstrap to WordPress Tutorial
So, I had to pick back up my WordPress theming skills for a job I’m starting, and found a good tutorial that shows you how to convert a Bootstrap site to a WordPress theme. (Kill two birds with one stone.) Check out Building WordPress Themes with Bootstrap over at Envato Tuts+ by Adi Purdila.
Hacking 27% of the Web via WordPress Auto-Update
We think that some of the tools that we use for the web are secure if they come automatically from a central point. Well, the guys over at Wordfence found a pretty significant point of failure at the api.wordpress.org service.