23 Feb
2012
23 Feb
'12
6:08 p.m.
[sent to list, this time...]
On 22/02/12 14:10, Ian wrote:
Dom Latter said:
Funnily enough just today I got a phishing mail with the target form
hosted in wp-content/uploads (or similar).
- don't install Wordpress unless you can stay
on top of updates 24/7.
A bit cruel given how many websites use WordPress: it's not surprising
that some get hacked. It's been a while since there's been a remote There are quite a few plugins with published issues
though, so we
could add 'be careful about which plugins you install'.
And how does one do that?
From what I've seen, even the well-known and widely-used plugins can
be very badly coded. Security-auditing them would be a nightmare.