The Small Business Website Guy

  • Home
  • Blog
  • About
  • WordPress Help
  • Services
    • WordPress Help
    • Hacked Site Cleanup
    • Website Management Program
    • Domain Registration
    • Web Hosting
  • Testimonials
  • Contact Us

February 11, 2013 by John

WordPress Plugin Security Fix Posted

According to the Wordfence security newsletter, a WordPress plugin security fix was just posted for the popular CommentLuv plugin. This fix addresses a cross-site scripting (XSS) vulnerability that was discovered and quickly remedied by the plugin author. My Website Management Program clients using CommentLuv have been updated. If you are using CommentLuv, be sure to update it as soon as possible to eliminate this security flaw.

A Cautionary Tale

I moderate a Yahoo group and noticed that last week we got spam messages from three of our members. This is quite unusual, although we’ve had the occasional spam link posted to the group when someone’s email account was hacked. Having three posted in one day was way out of the ordinary. I noticed that all three members had Yahoo mail accounts. I put them all in moderated mode and warned them of the problem so that they could change their passwords and scan their computers for malware in case a trojan had found its way onto their respective machines.

I learned today from the same Wordfence newsletter that Yahoo had had a security breach that affected some of their email accounts. The source of the breach? An old version of WordPress that the Yahoo developers had left laying around and forgotten about! This is a prime example of why it’s so important to keep WordPress updated to a very recent, if not the latest version. The WordPress developers are very good about plugging security holes as they’re discovered and issuing updates to keep our WordPress sites as secure as possible.

This is why my Website Management Program exists. Most people have enough to do just running their business without having to worry about updates and security patches. Keeping my clients’ sites safe and secure is my number one priority.

John
John Sawyer

Like this post?  Sign up below to be notified when new posts are published:

[email protected]
John

Share this post:

TwitterFacebookLinkedIn

Filed Under: Anti-Malware, Safe Computing, Security, WordPress Tagged With: commentluv, wordfence, yahoo

Select Module

Recent Posts

  • Protect Yourself From Router Exploit
  • Is GDPR Compliance The Problem?
  • Warning! WordPress 4.9.6 Is Coming
  • MalwareBytes Update Issue
  • Google Issues New HTTPS Guidelines

Find Your Domain

Find a domain starting at $0.48

powered by Namecheap

Reach new audiences and grow your following

Privacy Policy | Terms of Use

Copyright © 2007-2021 by Chon Resources – All Rights Reserved Worldwide

We use cookies for various purposes including analytics and personalized marketing. By continuing to use the service, you agree to our use of cookies. - Privacy Policy
Protected by WebARX