Published 17 years 7 months ago • Last updated March 22, 2025 • ⏱️ < 1 min read
It's really bad. The amount of code that gets released and is vulnerable is shocking. Wordpress you need to do something. Anything. Disable all plugins now, run a audit on the code or use a user security review process, even as a last resort run some sort of automation on the code. Is it really that hard? Scan for common vulnerablities like echo PHP_SELF, global injections and so on.
I've just reviewed yet another security report from Blogsec and some more vulnerable plugins. You boast about all those users. Do something to help secure their software.