WordPress 4.9.2 is now available for download. This release is a security and maintenance release for all versions since WordPress 3.7. WPScans strongly encourage you to update your sites immediately. We also recommend using WPScans.com to scan your WordPress installation. This release contains a critical security fix for a XSS security bug in the Media Elements library fallback files. Since the fallback files are written in flash and not needed they have been removed from WordPress.
WPScans can now detect at least three different backdoored WordPress plugins. The plugins are: Duplicate Page and Post 2.1.0-2.1.1 No Follow All External Links 2.1.0-2.3.0 WP No External Links 4.2.1-4.3 We recommend that you run the free scan available at www.wpscans.com
Nmap is one our favorite tool when it comes to security testing (except for WPScans.com). Nmap was created in 1997 by Gordon Lyon aka Fyodor. The current version 7.60 contains about 580 different NSE-scripts (Nmap Scripting Engine) used for different security checks or information gathering and about six of them are related to WordPress. Our first test is to just use the default options in nmap and see which ports that are open: Btw, we are using the amazing penetration testing Kali Linux distro. The above screenshot shows that there is a webserver, ssh server and MySQL listening on the network. Exposing MySQL to the network is not really safe, it’s not the target this time. The following Nmap NSE scripts are directly related to WordPress:[…]
Falco, or Sysdig Falco, is a behavior activity monitoring tool for keeping track of what’s going on on your servers in real time. It works similarly to tools like OSSEC, but only detects and alerts, lacking the means to take any action, like block offensive traffic. It’s a kernelspace tool which works by loading a kernel module onto the system and monitors all syscalls the system sees. In this way, Falco keeps track of any activity passing through the system. When Falco is started, it reads settings from a configuration file named falco.yaml, and rules from a file named falco_rules.yaml, both under the etc directory. Falco’s rules determines what the application alerts on, and are very easy to write and[…]
👉 Run a free WordPress Security Scan at WPScans.com > WordPress 4.8.2 is now available for download at WordPress.org. This is a security release for all previous versions and WPScans strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Slavco A cross-site scripting (XSS) vulnerability was discovered in the oEmbed discovery. Reported by xknown of the WordPress Security Team. A cross-site scripting (XSS) vulnerability was discovered in the visual editor. Reported by Rodolfo Assis (@brutelogic) of Sucuri Security.[…]
This is our new logo for the WPScans.com WordPress Security Scanner. The logo was created by the talented Makmoer at 99designs.com, you see some of his work here.
WPScans.com was recently sold on Flippa.com and I would like to introduce myself as the new owner. My name is Jonas Lejon and i’ve been working with Cyber Security since 17 years. The last 7 years I have also been working with WordPress Security. In the past i’ve built several security related web services such as the blog backup service BlogBackupr.com (now sold). In the future many more features will be added to WPScans.com and even more security checks will be added. Also it will be easier for new users to sign-up and the notification system will be improved.