WordPress and Annotum for Education, Science,Journal Publishing

Millions of websites running WordPress are being strongly urged to update to the latest version of the popular content management system as soon as possible, after a serious security vulnerability was uncovered.

Von wegen Sicherheit: Unter dem Deckmantel eines legitimen WordPress-Plugin richtet X-WP-SPAM-SHIELD-PRO eine Backdoor auf Webseiten ein.

Wer auf seiner WordPress-Webseite das Plugin X-WP-SPAM-SHIELD-PRO installiert hat, sollte dieses schleunigst deinstallieren: Das Fake-Sicherheits-Plugin ist Malware und richtet unter anderem einen Fernzugriff für die Drahtzieher des Zusatzmoduls ein, warnen Sicherheitsforscher von Sucuri.

Die Betrüger missbrauchen dabei den Namen des legitimen Sicherheits-Plugins WP-SpamShield Anti-Spam, welches Spam von WordPress-Seiten fernhalten soll. X-WP-SPAM-SHIELD-PRO ist nicht im offiziellen Plugin-Bereich von WordPress zu finden. Es stammt aus einer von den Sicherheitsforschern nicht näher beschriebenen Quelle. Aus Sicherheitsgründen ist es ratsam, nur Plugins aus der offiziellen Quelle zu installieren.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=Cybersecurity

Wouldn't it be great if you could browse, search, and insert photos from your Google account right to your blog posts and pages? Now you can.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing

Keeping up with social media can feel like a full-time job these days — and for many it is. Posting your content on Twitter and Facebook during specific hours, and keeping things evenly spaced out, means that you need to tend to your profiles pretty often.

We wanted to make it easier for WordPress.com users to create great content on their websites — and share it across different social media networks.

The new Advanced Social Media feature for Business and Premium plan users (and for Jetpack Professional and Premium users) lets you schedule specific times that your content will be automatically shared on places like Twitter, Facebook, and LinkedIn. You can also preview your social updates before sending them, so you know exactly how it will look when it goes out.

With Advanced Social Media, you can:

Resurface older “evergreen” posts to share them to your newer followers.

Plan your social media posts in bulk to save time.
Craft messages specifically to fit the profile or network where you are posting.

Preview upcoming tweets, Facebook posts, or LinkedIn updates.
See the previous shares of the post.

You can access all of these features by selecting the “Share” button under a post in your posts list.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing

NextGEN Gallery is an extraordinarily popular plugin for self-hosted WordPress websites, having been downloaded over 16.5 million times.

The software’s widespread popularity (it claims to have been “the industry’s standard WordPress gallery plugin” since 2007) makes it an seemingly obvious choice for website owners looking to add image galleries to their sites.

Researchers at Sucuri uncovered a severe SQL injection vulnerability in NextGEN Gallery’s code which could be used by a malicious attacker to steal sensitive information such as hashed passwords and WordPress secret keys:

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=Cybersecurity

Keep your WordPress site updated, or risk having hackers modify the content of any post or webpage.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing

Outdated versions of three popular WordPress plugins suffer from a "critical" zero-day vulnerability that enables an attacker to take over a website.

The bug is a PHP object injection flaw that affects the following plugins: Appointments (versions prior to 2.2.2), Flickr Gallery (versions prior to 1.5.3), and RegistrationMagic-Custom Registration Forms (versions prior to 3.7.9.3).

Together, those plugins have a combined user base of over 21,000 WordPress customers. All three have already received a fix for the security issue, which is rated "Critical" with a CVSS rating of 9.8.

 Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=Cybersecurity

WordPress 4.8.2 is out, featuring nine security fixes website owners will want to apply, well, now.

All told, there have been six updates this year featuring security fixes, including January’s silent patch for a nasty zero day, this being the first since May’s v4.7.5.

The maintenance side of the update features six other software updates but focussing on the bit that bothers Naked Security readers most, security, we see five Cross-Site Scripting (XSS) flaws (a perennially popular attack vector that refuses to die), two path or directory traversal issues, and one covering an open redirect.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing

Get access to email and social media tools, ecommerce, custom themes, and more.

Learn more / En savoir plus / Mehr erfahren:

https://gustmees.wordpress.com/?s=blogs

We are happy to announce WordPress.com for Google Docs, a new add-on that lets you write, edit, and collaborate in Google Docs, then save it as a blog post on any WordPress.com or Jetpack-connected WordPress site. Your images and most formatting will carry over too. No more copy-and-paste headaches!

Save your Google Docs drafts as WordPress blog posts in seconds.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing

Domains are being compromised through a vulnerability in the WordPress REST API.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?&tag=Cybersecurity

Introducing two new free themes: Dara, a classic, elegant theme for businesses, and TextBook, geared to schools, colleges, and non-profits.

Learn more / En savoir plus / Mehr erfahren:

http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing/?tag=Themes