This morning, the Wordfence Threat Intelligence Team published part two in a series on cross-site scripting vulnerabilities that exploit the PHP_SELF variable. This vulnerability is in the “Easy Social Icons” plugin and affects over 40,000 sites. Attackers can use vulnerabilities of this kind to take over a site by installing a backdoor, or by adding a malicious administrator.
I am an experienced website developer with over twenty years of coding and entrepreneurial experience. I founded my own company, Portal Planet, in 2001, and am passionate about helping businesses succeed online. As a skilled WordPress website and plugin developer, Alexa skill developer, and Raspberry Pi/Arduino developer, I enjoy teaching and training others and helping businesses achieve their online goals.