WordPress wordTube <= 1.43 is listed on BlogSecurity’s dangerous WordPress software list, "BlogWatch". This plugin is vulnerable to a file include vulnerability, which means an attacker can execute commands on a vulnerable WordPress server by appending the URL of a malicious file hosted on a remote server under the attacker’s control.
An attacker attempted to exploit [...]
Although wp-scanner online is still in its infancy, the results of these tests are certainly eye-opening. You’ll see that a large percentage of WordPress blogs are vulnerable to at least one known attack that may allow an attacker to compromise the website and, more than likely, the web server.
Around this time last month, BlogSecurity [...]
Update:
08/10/07 - Improved methods for allowing Democracy Plugins and better wp-admin code.
16/08/07 - New Rules
A few emails have come through about how users’ WordPress installations have been compromised, or where an attacker has found resources he/she shouldn’t have. This article will discuss some security techniques to better harden and secure your WordPress blog; this is [...]
heise.de security recently released an advisory regarding a common vulnerability they have found in a number of WordPress themes. BlogSecurity can verify this, as it has been working on a similar project and will release the latest version of wp-scanner later this week, which includes some additional theme vulnerability checks as well as some bug [...]
BlogSecurity introduces an article by Sarah Turner:
Sarah Turner holds a BA Hons in Business Studies and currently works as a Marketing Manager; she has specialised in the IT security sector for almost 2 years.
Blogs are growing at an astonishing rate, with over 57 million blogs existing all over the world and roughly 1.3 million posts [...]