Sign up to save your podcasts
Or
Share Patchstack Weekly - Secure AJAX Endpoints & WordPress Vulnerabilities
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Patchstack Weekly - Secure AJAX Endpoints & WordPress Vulnerabilities
Welcome back to the Patchstack Weekly security update! This update is for week 19 of 2022 and is about secure AJAX endpoints and WordPress vulnerabilities.
This week in vulnerability news, I will share two WordPress plugins with security bugs that have no patch available.
One could lead to tricking logged-in users to run arbitrary code on websites, and the other could lead to unauthenticated SQL injection.
And I have a bit of breaking news to add, it was just reported by Portswigger that it appears WordPress websites with incomplete installations are being targeted shortly after being set up.
In this week's knowledge share, I will talk about securing WordPress AJAX endpoints.
Why it is important to secure AJAX endpoints? How to spot which functions need more attention from secure code review, and how to do security testing with a tool I guarantee you probably already have installed.
I will share this tool's information in the weekly knowledge share.
PS! Just a small edit to the thank you and appreciation section - a special thank you goes out to Shea Bunge for actively working on a patch in the Code Snippets plugin (I incorrectly said Code Snippets Extended.)
View all episodes
By Patchstack WeeklyWelcome back to the Patchstack Weekly security update! This update is for week 19 of 2022 and is about secure AJAX endpoints and WordPress vulnerabilities.
This week in vulnerability news, I will share two WordPress plugins with security bugs that have no patch available.
One could lead to tricking logged-in users to run arbitrary code on websites, and the other could lead to unauthenticated SQL injection.
And I have a bit of breaking news to add, it was just reported by Portswigger that it appears WordPress websites with incomplete installations are being targeted shortly after being set up.
In this week's knowledge share, I will talk about securing WordPress AJAX endpoints.
Why it is important to secure AJAX endpoints? How to spot which functions need more attention from secure code review, and how to do security testing with a tool I guarantee you probably already have installed.
I will share this tool's information in the weekly knowledge share.
PS! Just a small edit to the thank you and appreciation section - a special thank you goes out to Shea Bunge for actively working on a patch in the Code Snippets plugin (I incorrectly said Code Snippets Extended.)