Well, the time has finally arrived! We are psyched to notify our readers that the initial version of the BlogSecurify project, designed by the GNUCITIZEN and BlogSecurity teams, is now ready for testing.
This is only the initial release but knock yourselves out! We hope this new framework will allow us to […]
WordPress 2.6 plans to have a number of security improvements. A number of XMLRPC features will be deactivated by default. I doubt they will remove functions such as pingbacks and trackbacks; however, it is something to keep an eye on.
So will this really help secure WordPress in the future?
WordPress have been becoming more security […]
The Nextgen Gallery Plugin, versions <= 0.96, has been found vulnerable to a persistent cross-site scripting bug.
According to the advisory, the attacker does require authentication and access to the following URL:
http://[host]/[directory]/wp-admin/admin.php?page=nggallery-manage-gallery
As far as we know, no fix is currently available.
You guys are going to love our new wp-scanner and blog security testing service! We’ll be adding loads more tests and support for multiple blog types, not just WordPress.
Hint: Wear your earphones when watching this video to get the full vibe.
A SQL injection vulnerability has been reported in WordPress by the Balsec Team. The advisory is lacking a lot of detail.
This post will be updated as new information is made available.