Support » Requests and Feedback » WordPress Updating Attack Vector

WordPress Updating Attack Vector

  • The automated update for WordPress is very handy but has me slightly concerned for boxen which may have a poisoned DNS cache.

    Is there any verification (in terms of DNS correctness or zip file verification) that the update which is downloaded from wordpress.org is actually the one from the real wordpress.org?

  • The topic ‘WordPress Updating Attack Vector’ is closed to new replies.