WordPress vulnerability affects millions of sites, and yours could be next

wordpress vulnerability affects millions of sites and yours could be next n6yxinh
Image Credit: WordPress
According to a post by the security research team at Sucuri, millions of WordPress websites could be at risk for exploitation thanks to a defect in a popular theme included in the default setup.

The exploit feeds off an XSS vulnerability known as a “DOM-Based XSS,” or Document Object Model. According to the independent vetting agency, DOMs are used to teach a browser how to display headers, images, text, or links that are displayed inside a WordPress loadout theme.

The theme (called “Twenty Fifteen” despite the fact that it was released last year), is installed by default in all core builds of the current WordPress distribution, making it an especially large target for any hackers who want to catch the biggest fish they can with the smallest net.

The crack digs its claws in when a site administrator clicks a malicious link either in their email or on a phishing website while logged into WordPress, enabling an automatically scan of the server for a potential hole to get in.

What makes this especially worrisome is the fact that the bug doesn’t need your site to be running a version of Twenty Fifteen for it to be a problem. Because the theme is included in the database of every rollout, it’s automatically a given that you could be hacked.

If you own a WordPress site (regardless of the version installed), you should use the query tool to check and see if you might be vulnerable to an attack.

The larger domain hosts such as GoDaddy and ClickHost have already scrubbed through their subscriber base and removed any traces of the bug, but in case you’re either running an independent server, or your host isn’t listed here, be sure to make the change yourself to immunize you or your users from the threat.


Firefox will disable Flash on its browsers by default in 2019

Mozilla's Firefox browser will continue to do its part in deprecating the Flash plugin this year with new plans revealed to disable it by default in an upcoming Nightly build, followed by a stable release in September.

Change your mouse cursor in Windows with these quick tips

The standard mouse cursor is boring, so change it! With this guide on how to change your mouse cursor in Windows, you can choose to use one of Microsoft's pre-installed cursors or download something a bit more extravagant.

Having problems with your Xbox One console? We have the solutions

The Xbox One has evolved over the years, but so have its problems. Thankfully, we have solutions for some of the console's most enduring problems, whether you're experiencing issues with connectivity or your discs.

Installing fonts in Windows 10 is quick and easy -- just follow these steps

Want to know how to install fonts in Windows 10? Here's our guide on two easy ways to get the job done, no matter how many you want to add to your existing catalog, plus instructions for deleting fonts.

Microsoft will end support for Windows 7 one year from now

Microsoft is set to end extended support for Windows 7 on January 14, 2020, putting a halt on the free bug fixes, and security patches for most who have the operating system installed. 

This ‘computer mouse’ sets the new size standard for portable computing

The Raspberry Pi is an amazingly capable little computer and it's small enough that it can fit just about anywhere. Even in a computer mouse — if you're willing to build a custom chassis for it.

From Air to Pro, here are the best MacBook deals for January 2019

If you’re in the market for a new Apple laptop, let us make your work a little easier: We hunted down the best up-to-date MacBook deals available online right now from various retailers.

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.

Printing to PDF in Windows is easy, no matter which method you use

Microsoft's latest operating system makes it easier than ever to print to PDF in Windows, but there are alternative methods for doing so, even if you want to forgo Adobe Acrobat. Here's how.

Changing a PDF into an EPUB file is easier than you might think

If you like to read on a tablet or ebook reader, you'll find that ePUB files offer a number of advantages over PDFs. With this guide, we'll show you how to convert a PDF to EPUB in a few quick steps.

Need to combine a PDF? Here's how to get it done on both Windows and Mac

Sometimes juggling multiple files at once is more of a hassle than a convenience, especially when a single file would do. This quick guide will teach you how to combine PDF files on Windows, MacOS, or with online tools.

Don’t even bother with the rest. Here are the only laptop brands that matter

If you want to buy your next laptop based around a specific brand, it helps to know which the best brands of laptops are. This list will give you a good grounding in the most reliable, quality laptop manufacturers today.

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.

Style up your MacBook Air with one of these great cases or sleeves

Whether you’re looking for added protection or a stylish flourish, you’re in the right place for the best MacBook Air cases. We have form-hugging cases, luxurious covers and padded sleeves priced from $10 to $130. Happy shopping!