Results 1 to 7 of 7

Thread: SEOPress WordPress plugin flaw left 100k sites wide open

  1. 18-08-2021, 01:11 PM #1
    HEXUS
    HEXUS is offline
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    SEOPress WordPress plugin flaw left 100k sites wide open

    Version 5.0.4 patches flaw that let attackers "inject arbitrary web scripts on a site".
    Read more.
    Reply With Quote Reply With Quote
  2. 18-08-2021, 01:19 PM #2
    CAT-THE-FIFTH
    CAT-THE-FIFTH is offline
    Moosing about! CAT-THE-FIFTH's Avatar
    Join Date
    Aug 2006
    Location
    Not here
    Posts
    32,042
    Thanks
    3,909
    Thanked
    5,213 times in 4,005 posts
    • CAT-THE-FIFTH's system
      • Motherboard:
      • Less E-PEEN
      • CPU:
      • Massive E-PEEN
      • Memory:
      • RGB E-PEEN
      • Storage:
      • Not in any order
      • Graphics card(s):
      • EVEN BIGGER E-PEEN
      • PSU:
      • OVERSIZED
      • Case:
      • UNDERSIZED
      • Operating System:
      • DOS 6.22
      • Monitor(s):
      • NOT USUALLY ON....WHEN I POST
      • Internet:
      • FUNCTIONAL

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Reply With Quote Reply With Quote

  3. Received thanks from:

    afiretruck (18-08-2021)
  4. 18-08-2021, 01:45 PM #3
    Darkedge
    Darkedge is offline
    Registered+
    Join Date
    Jul 2006
    Posts
    65
    Thanks
    0
    Thanked
    22 times in 13 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    A SEO product is actually dangerous, that never happens - usually it's just snake oil anyway
    Reply With Quote Reply With Quote
  5. 18-08-2021, 02:57 PM #4
    AGTDenton
    AGTDenton is online now
    Senior Member AGTDenton's Avatar
    Join Date
    Jun 2009
    Location
    Bracknell
    Posts
    2,810
    Thanks
    1,056
    Thanked
    871 times in 568 posts
    • AGTDenton's system
      • Motherboard:
      • MSI MEG X570S ACE MAX
      • CPU:
      • AMD 5950x
      • Memory:
      • 64GB Corsair something or the other
      • Storage:
      • 1x 512GB nvme, 1x 2TB nvme, 2x 8TB HDD
      • Graphics card(s):
      • ASUS 3080 Ti TuF
      • PSU:
      • Corsair RM850x
      • Case:
      • Fractal Design Torrent White
      • Operating System:
      • 11 Pro x64
      • Internet:
      • Fibre

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Definitely worth using auto updates
    Reply With Quote Reply With Quote
  6. 18-08-2021, 03:31 PM #5
    Jonj1611
    Jonj1611 is offline
    Super Moderator Jonj1611's Avatar
    Join Date
    Jun 2008
    Posts
    5,827
    Thanks
    1,870
    Thanked
    1,021 times in 783 posts

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    If you have a Wordpress site, Wordfence is definitely the plugin you want, even the free version of it will protect you
    Jon
    Reply With Quote Reply With Quote
  7. 18-08-2021, 07:33 PM #6
    AndyM2012
    AndyM2012 is offline
    Registered+
    Join Date
    Dec 2012
    Posts
    71
    Thanks
    0
    Thanked
    2 times in 1 post
    • AndyM2012's system
      • Motherboard:
      • Asus Prime Z390-A
      • CPU:
      • Intel i5-9600K
      • Memory:
      • Corsair DDR4 2*8GB 3200 MHz CL16
      • Storage:
      • Samsung 970 Pro 512GB
      • Graphics card(s):
      • Asus Strix GTX 1060 6 GB
      • PSU:
      • Seasonic Prime Titanium 650 W
      • Case:
      • Lian Li PC-9N
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Asus MG248
      • Internet:
      • 200 Mb/s

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    The funny thing is that search engines are constantly trying to defeat the SEO parasites. Well, it would be funny if the parasites weren't as effective as malaria.
    Reply With Quote Reply With Quote
  8. 19-08-2021, 09:09 AM #7
    philehidiot
    philehidiot is offline
    Long member
    Join Date
    Apr 2008
    Posts
    2,427
    Thanks
    70
    Thanked
    404 times in 291 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: SEOPress WordPress plugin flaw left 100k sites wide open

    Quote Originally Posted by AGTDenton View Post
    Definitely worth using auto updates
    Yes and no. If your site is being targetted, it's often quite possible to mimick the update service and send a bogus update with a little "extra sauce". Or to MITM you and intercept, modify and pass on the update. I forget exactly how to do these things but auto updates can be a double edged sword.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules