So You Thought The WordPress Security Issues Were Bad? Meet Zero-Day

• April 28, 2015
• Leave a comment

We’ve seen major issues in the WordPress community in the regards of site safety and security as of late. Now, it seems to hold true that things always get worse before they get better because two new threats have recently been uncovered going much farther than simple bugs, holding the potential for hackers to overtake a web server completely.

Anyone with malicious intentions and access to the internet has likely been incredibly intrigued with cross-site scripting (XSS) bugs over the last several months, as each weakness (discovered in both WordPress and many of the most major SEO plugins) has been of this nature.

Hackers could effectively ruin a site with this power, going so far as to make themselves administrators over a site or delete another account; in other words, they could effectively hijack ownership and all the decision-making abilities that any legitimate site owner might have.

As of now, a critical security update has been released that allegedly protects users from this newest vulnerability, aptly named “0day” as it is a “zero-day” exploit with the potential to lay ruin to WordPress at large. See that here.

The question that seems to be on everyone’s mind, however, is not, “How can I protect myself from this one now?” but “What next?” as the barrage of threats to each WordPress user’s security has been somewhat merciless.

For now, we suggest staying as on top of updates and patches as possible and taking every effort to allow the submission of site comments that are 100 percent verifiable.