Results 1 to 7 of 7

Thread: SEOPress WordPress plugin flaw left 100k sites wide open

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,060 times in 719 posts

    SEOPress WordPress plugin flaw left 100k sites wide open

    Version 5.0.4 patches flaw that let attackers "inject arbitrary web scripts on a site".
    Read more.

  2. #2
    Moosing about! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Not here
    Posts
    31,621
    Thanks
    3,757
    Thanked
    5,064 times in 3,912 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: SEOPress WordPress plugin flaw left 100k sites wide open


  3. Received thanks from:

    afiretruck (18-08-2021)

  4. #3
    Registered+
    Join Date
    Jul 2006
    Posts
    65
    Thanks
    0
    Thanked
    22 times in 13 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    A SEO product is actually dangerous, that never happens - usually it's just snake oil anyway

  5. #4
    Senior Member AGTDenton's Avatar
    Join Date
    Jun 2009
    Location
    Bracknell
    Posts
    1,989
    Thanks
    541
    Thanked
    421 times in 305 posts
    • AGTDenton's system
      • Motherboard:
      • ASUS P6T7 WS Supercomputer
      • CPU:
      • Intel Core i7 980
      • Memory:
      • 24GB Corsair Dominator GT
      • Storage:
      • Samsung 860 Pro + HDDs
      • Graphics card(s):
      • Asus 1030
      • PSU:
      • Seasonic X-850W
      • Case:
      • Fractal Design R3
      • Operating System:
      • 10 Pro x64
      • Internet:
      • 70MB using BT line

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Definitely worth using auto updates

  6. #5
    Super Moderator Jonj1611's Avatar
    Join Date
    Jun 2008
    Posts
    4,837
    Thanks
    1,302
    Thanked
    742 times in 569 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    If you have a Wordpress site, Wordfence is definitely the plugin you want, even the free version of it will protect you
    Jon

  7. #6
    Registered+
    Join Date
    Dec 2012
    Posts
    71
    Thanks
    0
    Thanked
    2 times in 1 post
    • AndyM2012's system
      • Motherboard:
      • Asus Prime Z390-A
      • CPU:
      • Intel i5-9600K
      • Memory:
      • Corsair DDR4 2*8GB 3200 MHz CL16
      • Storage:
      • Samsung 970 Pro 512GB
      • Graphics card(s):
      • Asus Strix GTX 1060 6 GB
      • PSU:
      • Seasonic Prime Titanium 650 W
      • Case:
      • Lian Li PC-9N
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Asus MG248
      • Internet:
      • 200 Mb/s

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    The funny thing is that search engines are constantly trying to defeat the SEO parasites. Well, it would be funny if the parasites weren't as effective as malaria.

  8. #7
    Long member
    Join Date
    Apr 2008
    Posts
    2,427
    Thanks
    70
    Thanked
    404 times in 291 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Quote Originally Posted by AGTDenton View Post
    Definitely worth using auto updates
    Yes and no. If your site is being targetted, it's often quite possible to mimick the update service and send a bogus update with a little "extra sauce". Or to MITM you and intercept, modify and pass on the update. I forget exactly how to do these things but auto updates can be a double edged sword.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •