Results 1 to 7 of 7

Thread: SEOPress WordPress plugin flaw left 100k sites wide open

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,570
    Thanks
    0
    Thanked
    2,019 times in 718 posts

    SEOPress WordPress plugin flaw left 100k sites wide open

    Version 5.0.4 patches flaw that let attackers "inject arbitrary web scripts on a site".
    Read more.

  2. #2
    Moosing about! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Not here
    Posts
    31,518
    Thanks
    3,732
    Thanked
    5,031 times in 3,886 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: SEOPress WordPress plugin flaw left 100k sites wide open


  3. Received thanks from:

    afiretruck (18-08-2021)

  4. #3
    Registered+
    Join Date
    Jul 2006
    Posts
    57
    Thanks
    0
    Thanked
    19 times in 11 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    A SEO product is actually dangerous, that never happens - usually it's just snake oil anyway

  5. #4
    Senior Member AGTDenton's Avatar
    Join Date
    Jun 2009
    Location
    Bracknell
    Posts
    1,932
    Thanks
    502
    Thanked
    396 times in 283 posts
    • AGTDenton's system
      • Motherboard:
      • ASUS P6T7 WS Supercomputer
      • CPU:
      • Intel Core i7 980
      • Memory:
      • 24GB Corsair Dominator GT
      • Storage:
      • Samsung 860 Pro + HDDs
      • Graphics card(s):
      • Asus 1030
      • PSU:
      • Seasonic X-850W
      • Case:
      • Fractal Design R3
      • Operating System:
      • 10 Pro x64
      • Internet:
      • 70MB using BT line

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Definitely worth using auto updates

  6. #5
    Super Moderator Jonj1611's Avatar
    Join Date
    Jun 2008
    Posts
    4,786
    Thanks
    1,276
    Thanked
    726 times in 553 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    If you have a Wordpress site, Wordfence is definitely the plugin you want, even the free version of it will protect you
    Jon

  7. #6
    Registered+
    Join Date
    Dec 2012
    Posts
    70
    Thanks
    0
    Thanked
    2 times in 1 post
    • AndyM2012's system
      • Motherboard:
      • Asus Prime Z390-A
      • CPU:
      • Intel i5-9600K
      • Memory:
      • Corsair DDR4 2*8GB 3200 MHz CL16
      • Storage:
      • Samsung 970 Pro 512GB
      • Graphics card(s):
      • Asus Strix GTX 1060 6 GB
      • PSU:
      • Seasonic Prime Titanium 650 W
      • Case:
      • Lian Li PC-9N
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Asus MG248
      • Internet:
      • 200 Mb/s

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    The funny thing is that search engines are constantly trying to defeat the SEO parasites. Well, it would be funny if the parasites weren't as effective as malaria.

  8. #7
    Long member
    Join Date
    Apr 2008
    Posts
    2,384
    Thanks
    67
    Thanked
    401 times in 288 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Quote Originally Posted by AGTDenton View Post
    Definitely worth using auto updates
    Yes and no. If your site is being targetted, it's often quite possible to mimick the update service and send a bogus update with a little "extra sauce". Or to MITM you and intercept, modify and pass on the update. I forget exactly how to do these things but auto updates can be a double edged sword.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •