Hot on the heels of the big WordPress botnet attack comes news of a serious vulnerability in the two most popular caching plugins, WP Super Cache and W3 Total Cache.
By allowing anyone to inject malicious code into your WordPress site through the standard comments form, this security vulnerability is particularly nasty in it’s simplicity and ease of exploitation.
I’m glad that the security and maintenance measures I take as part of my WordPress maintenance package mean that both the botnet attack and this vulnerability weren’t a concern, but others might not be so lucky.
Make sure you secure your site now, and keep it up to date.
Leave a Reply