There is an announcement recently last week about the vulnerability of the WordPress attacks via XSS according to the security blog, the vulnerability affecting multiple WordPress plugins and themes. The issue links to the common functions of WordPress core that plugin or theme developers are using such function add_query_arg, remove_query_arg. You can find the list… Read More


In Cambodia, you might not so interesting on this kind of news but the impact on your website security is very important, please find the short explanation on the issue with the last report by TheVerge reported today, there is a bug in the bash shell of Unix system which is called “Bash bug”, or… Read More


Let’s upgrade to latest WordPress version 3.5.2, right now! There are fixed bugs related to security hole of the system. Version 3.5.2 addressed some security issues and fixed 12 bugs. Additionally: Version 3.5.2 fixes seven security issues: * Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199. * Privilege Escalation: Contributors can publish posts, and… Read More


Recently with drupal.org news announced a security release and ask their user to reset the password: The Drupal.org Security Team and Infrastructure Team has discovered unauthorized access to account information on Drupal.org and groups.drupal.org. The impact is related to the user accounts at Drupal.org but at the same time you should look for the new… Read More