This is rumor control. Here are the facts: Yes, this site runs WordPress. No, to the best of my ability to determine, we are not compromised by the "SoakSoak" malware that has been infecting lots of WordPress sites. (The link in the previous sentence leads to a description of the malware in question, not an example of it.) No, we don't run the Slider Revolution plugin which apparently contains the exploitable vulnerability ("RevSlider") used by SoakSoak. We have no plans to migrate mythopoeic.org from WordPress to something else, given that 1) the security issue is in a third-party plugin, not WordPress itself and 2) the WordPress team seem to generally act like adults with respect to infosec.
Archive for December, 2014