Updates on WordPress security, Wordfence and what we're cooking in the lab today.

Wordfence Blog

Podcast Episode 17: 3 Severe WordPress Plugin Vulnerabilities

This entry was posted in Podcasts on May 29, 2019 by Kathy Zant   0 Replies

Mikey Veenstra joins us to talk about three WordPress plugins with severe vulnerabilities affecting well over 150,000 WordPress installations. Two plugins have been patched, one has not. With Mark under deadline for a film project, Mikey also talks some security news with Kathy. We cover a Docker vulnerability, anatomy of a SIM port attack, zero-day Windows exploits released by a disgruntled security researcher, two large scale data leaks affecting millions of people, and revisit the Baltimore ransomware problem and how the NSA’s Eternal Blue tool was used in the attack.

Here are approximate timestamps in case you want to jump around:
1:00 Interview with Mikey Veenstra on 3 severe WordPress plugin vulnerabilities
13:00 The news, and where’s Mark?
13:30 Docker vulnerability not yet patched
16:24 Anatomy of a SIM port attack
20:17 Microsoft zero-day exploits on Github
25:34 XSS vulnerability discovered in Slimstat plugin
26:26 Over 49 million Instagram users data exposed
29:28 First American Financial leaked hundreds of millions title insurance records
34:20 How an NSA malware tool was used in the Baltimore ransomware attack

Find us on your favorite app or platform including iTunes, Google Podcasts, Spotify, YouTube, SoundCloud and Overcast.

Click here to download an MP3 version of this podcast. Subscribe to our RSS feed.

This week in the news we cover:

You can find Mark on Twitter as @mmaunder, Kathy as @kathyzant and Mikey at @heyitsmikeyv. Please don’t hesitate to post your feedback in the comments below.

Did you enjoy this post? Share it!

No Comments on "Podcast Episode 17: 3 Severe WordPress Plugin Vulnerabilities"

Follow Us


Protect your websites with the #1 WordPress Security Plugin

Get Premium
Over 150 million downloads

Wordfence Newsletter

Get WordPress Security Alerts and Product Updates