Connect with us

Hi, what are you looking for?

Web

New! WordPress Security Alert

This article is to bring to the attention of those WordPress users who are unaware of a recent security alert by Matt Mullenweg on June 21, 2011. Basically, the alert involves the recommendation of a compulsory password reset for all users particularly those who use the same password for two or more services following the observation of suspicious commits containing cleverly disguised backdoors affecting some popular WordPress plugins by the WordPress team.

The affected WordPress plugins that have raised the security alert include AddThis, WPtouch and W3 Total Cache. Due to the suspicion that the commits were not from the affected plugins’ authors, there were rolled back, pushed to update, while access to their repository were shut down to make room for proper investigation. As a result of the ensuing investigation, the WordPress team decided to force-reset all passwords on WordPress.org. Therefore, users who intent to use the forums, trac, or commit to a plugin or theme, will now have to reset their passwords to a new one.

In addition to the password reset, users of the AddThis, WPtouch and/or W3 Total Cache plugines should check to confirm that they have upgraded to the latest versions from the updates page.  Thus, the general advice is to always remember to reset your password occasionally and do not ignore updates whenever there are available.

Written By

Thanks for reading this article. If you're new here, why don't you subscribe for regular updates via RSS feed or via email. You can also subscribe by following @techsling on Twitter or becoming our fan on Facebook. Thanks for visiting!

20 Comments

20 Comments

  1. Marry

    July 15, 2011 at 9:59 am

    is it make the blog saver from the hacker..

  2. Erin

    July 16, 2011 at 1:22 pm

    I love anything that helps my blog to stay safe from hackers!

  3. Ellen

    July 17, 2011 at 10:43 am

    Thanks for the blog! I missed out on that warning! They should make some big warning in WP. I use those three plugins, so I hope I’m save. My site got hacked a few months ago, and took me a full day to get the site back running again, hope it never gonna happen again.

  4. reeha

    July 17, 2011 at 12:36 pm

    Admin you are really fast to bring these latest updates to us. thanks for your awesome resources.

  5. Darin Cunningham

    July 17, 2011 at 5:28 pm

    I often visit some of my favorite wordpress blogs but I’ve still not come across any blogs sharing this information. I’d definitely want to know more about this security alert. It’s getting more interesting exploring this blog.

  6. Ira

    July 18, 2011 at 5:41 am

    Using the same password makes it easier to login in different accounts. But I guess its not really safe. Thanks for the heads up!

  7. Mathilde

    July 18, 2011 at 12:48 pm

    Since I don’t use these plugins, I had no idea. But it’s always interesting to know, just in case. So thanks for the article. And I’m not really surprised, WordPress is a great, reliable tool !

  8. Nawaz

    July 18, 2011 at 5:21 pm

    I am using wordpess on many sites but I was not known this update of WordPress.

  9. jaust231

    July 19, 2011 at 12:37 pm

    really? wow.. I feel safer already..

  10. Blue

    July 19, 2011 at 1:31 pm

    Very nice information, it really help me to protect my blogs to the hackers. I like your posts.
    Thanks for the info.

  11. jandelaria

    July 20, 2011 at 12:06 pm

    i appreciate all their efforts on keeping us safe.. nice job to them!

  12. Raymund

    July 22, 2011 at 2:49 am

    This is a great reason why it is important to always install updates. Hackers are frightening me especially now that my personal blog is already big.

  13. Stephanie

    July 22, 2011 at 1:19 pm

    I find updating wordpress quite a hassle, because sometimes it breaks my site. Good thing I used backup buddy so if anything goes wrong I can always go back to my previous setup.

  14. Shah

    July 26, 2011 at 9:39 pm

    I have gone through some good plugin for this problem like WordPress secure login, CHAP Secure Login etc. But it is must to update your all plugin as soon as they are updated. Thanks for sharing and adding this post.

  15. Chelsea

    July 26, 2011 at 11:53 pm

    I have 3 wordpress accounts… It’s annoying to have to change the passwords of each one. They all now have their own unique passwords.

  16. robber

    August 19, 2011 at 3:06 pm

    I have used the wordpress for many years and I found if we install the wordpress correclty and make some wordpress plgine in use. Safe is not a problem. Most safe problem caused by the comment function,I close it usually.

  17. Sandra

    September 4, 2011 at 8:58 pm

    Good to know. Will have to reset my password.
    Thanks!

  18. Jerryl

    October 4, 2011 at 6:42 am

    This is good news to all WordPress users. They will no longer about spamming and hacking since the security is even more better now than before.

  19. Andy Walton

    October 15, 2011 at 1:06 pm

    I was completely unaware of this security alert, thanks a lot for bringing it to my attention. The advice to reset passwords occasionally is useful as well. Presumably the update was posted on the dashboard, but I never look at it. I’ll have to make a point of looking at it now and again.

  20. Karen

    December 29, 2011 at 9:46 pm

    Oh, I hope that I am not too late to catch this update.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You May Also Like

Tech

Introduction Do you need an expert web-based presence but are overpowered by code and specialized language? Try not to stress any longer! WordPress is...

Web

To implement the appropriate online marketing of your WordPress site, integrating it with social media can prove to be an incredible measure! Do you...

Web

WordPress is, more often than not, the standard platform for creating good websites and managing them. It is suitable for all web designers across...

Design

Are you looking for the best blog theme for your blog? However, there are many free and premium WordPress blog themes available in the...