A pair of popular WordPress plugins used to help sites cache content have fixed serious vulnerabilities that attackers could exploit simply by including special HTML code in a comment. Both WP Super ...

BELLEVUE, Wash.--(BUSINESS WIRE)--Polyverse Corporation today announced its R&D project, Polyscripting, stops all PHP code injection and execution vulnerabilities detailed in a whitepaper recently ...

Elegant Themes announced that several of their products contained a code injection vulnerability and should be updated right away. The vulnerability allows an untrustworthy user to execute PHP ...

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. Known as Backup Migration, ...

Cenzic, a provider of Web application security vulnerability assessment and risk management solutions, has released their Web Application Security Trends Report – Q1-Q2, 2009. Among the findings of ...

A critical unauthenticated remote control execution (RCE) bug in a backup plug-in that's been downloaded more than 90,000 times exposes vulnerable WordPress sites to takeover — another example of the ...

A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open ...

Security holes in the Apache Geronimo Application Server and SAP cFolders headline a list of five serious Web app vulnerabilities that demand immediate attention. According to Mark Painter from the HP ...