Threat Post

WordPress Patches Serious Shortcodes Core Engine Vulnerability

WordPress upgraded to 4.3.1, patching a pair of vulnerabilities in the core engine, including a cross-site scripting issue enabled by a vulnerability in shortcodes. WordPress core engine security ...
Searchenginejournal.com

WordPress Update 6.2.1 Causing Sites To Break

A recent WordPress security update featuring multiple security fixes is also causing some sites to stop functioning, causing one developer to exclaim, “This is chaos!!” The update removed a key ...
Searchenginejournal.com

WordPress Popular Posts Plugin Vulnerability Affects 100k+ Sites

An advisory has been issued about a high-severity WordPress vulnerability that makes it possible for attackers to inject arbitrary shortcodes into sites using the WordPress Popular Posts plugin.
Threat Post

PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE

The plug-in’s default settings spawned flaws that could allow for full site takeover but have since been fixed in an update that users should immediately install, Wordfence researchers said. Tens of ...
Computerworld

How to enable shortcodes in WordPress widgets

Shortcodes in Wordpress are small snippets of text that you can enter into a post or page body which trigger a larger function to run at that position. It’s the equivalent of inserting a program ...