FBI to WordPress users: patch now before ISIL defaces you The United States Federal Bureau of Investigation (FBI) has issued a warning to WordPress users: hurry up and patch your content management system before web site is defaced by ISIL sympathisers. The Bureau has issued a notice titled "ISIL defacements exploiting WordPress vulnerabilities" in which it warns that "Continuous Web …
If the FBI warns that they "noticed something", there is probably not much up
Au contraire, I'd say that if even they noticed it must be baaad :).
Can't say I notice much - I have a public WP site but I keep it to the same rules as I have been building firewalls since before the idea of the URL: do not run anything unless it is absolutely required. That means limiting plugins and themes to what makes the site work, good security including login name and login URL changes (automated by some security plugins) and the use of free OTP (Google Authenticator is your friend), keeping up to date with patching and review 404 logfiles.
So far, so good :)
Stop watching BBC.
Definition - What does Nonce mean?
A nonce is a type of data bit identification in IT security and other types of technical systems. It is a number or other data variable that is used only once.
@Robert, unfortunately your outdated knowledge is closer to the truth. I recently had a look at WP's perverted nonce code, and... it's NOT a cryptographic nonce (number used once). You can use it as many times as you want for 12-24 hours. Seems near worthless for security purposes.
1.4.3? The 1.4 series of WordPress was released around 2004/2005. The current version is 4.1.1, which was released around the start of this year.
https://wordpress.org/about/roadmap/ doesn't list all the releases ,
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
