Results 1 to 7 of 7

Thread: SEOPress WordPress plugin flaw left 100k sites wide open

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    SEOPress WordPress plugin flaw left 100k sites wide open

    Version 5.0.4 patches flaw that let attackers "inject arbitrary web scripts on a site".
    Read more.

  2. #2
    Moosing about! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Not here
    Posts
    31,891
    Thanks
    3,851
    Thanked
    5,144 times in 3,967 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: SEOPress WordPress plugin flaw left 100k sites wide open


  3. Received thanks from:

    afiretruck (18-08-2021)

  4. #3
    Registered+
    Join Date
    Jul 2006
    Posts
    65
    Thanks
    0
    Thanked
    22 times in 13 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    A SEO product is actually dangerous, that never happens - usually it's just snake oil anyway

  5. #4
    Senior Member AGTDenton's Avatar
    Join Date
    Jun 2009
    Location
    Bracknell
    Posts
    2,347
    Thanks
    756
    Thanked
    643 times in 431 posts
    • AGTDenton's system
      • Motherboard:
      • MSI MEG X570S ACE MAX
      • CPU:
      • AMD 5950x
      • Memory:
      • 32GB Corsair something or the other
      • Storage:
      • 1x 512GB nvme, 1x 2TB nvme, 2x 8TB HDD
      • Graphics card(s):
      • ASUS 3080 Ti TuF
      • PSU:
      • Corsair RM850x
      • Case:
      • Fractal Design Torrent White
      • Operating System:
      • 11 Pro x64
      • Internet:
      • Fibre

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Definitely worth using auto updates

  6. #5
    Super Moderator Jonj1611's Avatar
    Join Date
    Jun 2008
    Posts
    5,289
    Thanks
    1,506
    Thanked
    879 times in 669 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    If you have a Wordpress site, Wordfence is definitely the plugin you want, even the free version of it will protect you
    Jon

  7. #6
    Registered+
    Join Date
    Dec 2012
    Posts
    71
    Thanks
    0
    Thanked
    2 times in 1 post
    • AndyM2012's system
      • Motherboard:
      • Asus Prime Z390-A
      • CPU:
      • Intel i5-9600K
      • Memory:
      • Corsair DDR4 2*8GB 3200 MHz CL16
      • Storage:
      • Samsung 970 Pro 512GB
      • Graphics card(s):
      • Asus Strix GTX 1060 6 GB
      • PSU:
      • Seasonic Prime Titanium 650 W
      • Case:
      • Lian Li PC-9N
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Asus MG248
      • Internet:
      • 200 Mb/s

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    The funny thing is that search engines are constantly trying to defeat the SEO parasites. Well, it would be funny if the parasites weren't as effective as malaria.

  8. #7
    Long member
    Join Date
    Apr 2008
    Posts
    2,427
    Thanks
    70
    Thanked
    404 times in 291 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Quote Originally Posted by AGTDenton View Post
    Definitely worth using auto updates
    Yes and no. If your site is being targetted, it's often quite possible to mimick the update service and send a bogus update with a little "extra sauce". Or to MITM you and intercept, modify and pass on the update. I forget exactly how to do these things but auto updates can be a double edged sword.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •