This is a general announcement to anyone with a WordPress website. We have a WordPress Webmasters course to help small business owners setup their own website or blog and also to help individuals learn about WordPress so that they can earn a living creating websites, blogging and participating in social media.
You may recall that this EzyLearn Blog was actually affected by a WordPress Malware attack back in mid November 2011. It’s a known fact that there are occasional vulnerabilities in all sorts of software and that includes online software (they call them scripts rather than programs), like WordPress.
The recent issue with WordPress was caused by the TimThumb.php script for inserting, cropping, editing images etc and rather than go into the details here are some links that you’ll find interesting.
- Trend Micro wrote a blog about it
- The WordPress Plugin Market now has Vulnerability Scanner that you can install onto your website to identify the risk and provides a resolution.
- There is a website that you can use to scan any website to see if it contains malware or other risks.
Why are we writing this post? Because it highlights the importance of using a theme club or theme maker that constantly updates the themes they create.
We recommend ElegantThemes and Woothemes and they both wrote articles about the vulnerability when it was discovered and provided updated themes with the risk removed.