Say hello to WP 2FA – a new free WordPress two-factor authentication plugin
An administrator should be able to add two-factor authentication (2FA) to a WordPress site easily within minutes. The admin should also be able to configure policies to make 2FA compulsory, and users should be able setup 2FA without requiring any training or technical knowledge. We started developing WP 2FA with that in mind: develop an […]
Should maintained plugins be suspended from the WordPress repository when there is a security issue?
On 27th February 2020, at 9:34PM (CET) we received an email notifying us that our plugin WP Activity Log was “temporarily withdrawn from the WordPress.org Plugin directory due to an exploit”. We submitted a fix on Friday, 28th February 2020, at 4:08PM. It only took us 16.5 hours to release the fix. We would have […]
Was Your WordPress Website Hacked by WP White Security?
We have seen a number of successful WordPress hack attacks where a WordPress user was created with an email address email@example.com. Such hacks are not done by us. Read this article for more information about these type of attacks.
Collective WordPress Plugins Security Advisory Addresses XSS Vulnerability
A cross-site scripting vulnerability has been discovered in a number of WordPress plugins and today all of them have released updates to address this issue. Read this article for more details.
WordPress Security Bloggers – Central Source for WordPress Security News and Updates
WP Security Bloggers is a WordPress security news central. The website pulls WordPress security news and updates from a number of prominent WordPress security blogs, websites and various other security sources.
Statistics Highlight the Biggest Source of WordPress Vulnerabilities
WordPress vulnerabilities statistics show that the main source of WordPress vulnerabilities are in WordPress plugins. These vulnerabilities statistics also show how important it is to always run the latest version of WordPress core, plugins and themes.
WordPress WordCamp Europe | October 2013
WP White Security will be at the first large-scale European WordPress WordCamp, which will be held between the 5th and the 7th of October 2013, in Leiden, Holland. If you will be at the WordCamp, or around Leiden, come and speak to us.
Statistics Show Why WordPress is a Popular Hacker Target
Shocking statistics show that more than 70% of the top 40,000 WordPress installations are vulnerable to hacker attacks because an old and vulnerable version of WordPress is being used. Read more about the state of security of WordPress website in this news article.
An Infographic About the State of Security of WordPress Blogs and Websites
A recent WordPress security infographic shows that more than 170,000 WordPress blogs and websites were hacked in 2012. Most of them were hacked via a vulnerability in the plugin or theme they were using. Read this blog post for more information about the state of security of WordPress sites.
State of Security of WordPress Plugins
A source code analysis of several WordPress plugins shows that more than 20% of the 50 most popular WordPress plugins are vulnerable to common web attacks. In this blog post we present you with the facts and statistics of this one of a kind study and give recommendations to help WordPress owners choose secure plugins and to help WordPress plugins developers develop more secure plugins.