WordPress InfiniteWP

WordPress security alert: vulnerability in multiple plugins; time to update

Do you use WordPress to run your site or blog? You better head off to your dashboard to check for plugin updates. Now.

A cross site scripting vulnerability has been spotted in several WordPress plugins and themes, including popular ones like Jetpack, WordPress SEO, Google Analytics, All in one SEO, Gravity Forms, among others.

“The vulnerability Sucuri discovered would allow an attacker to send a WordPress user with administrative rights a link which could execute malicious JavaScript,” Jetpack said in a blog post announcing an update to its pluginContinue reading →