Context: https://sansec.io/research/polyfill-supply-chain-attack
I have a couple WordPress sites and am wondering if WordPress/plug-ins use Polyfill. I didn’t originally build either of these sites, but I am now maintaining them. A number of .php and .js files contain the text “polyfill” (although some might just be comments). I figure I only have to worry if Polyfill is being provided via CDN.
Has anyone here tried to mitigate this? I know they seized the domain, but I want to be sure I cover my bases.
If you’re behind Cloudflare, they are intercepting calls to the CDN and serving a cleaned version of polyfill.
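An added example, not part of the original thread: one way to separate files that actually load Polyfill from the CDN from files that only contain the word "polyfill" (comments, locally bundled copies), which is the distinction the question draws. The hostname `polyfill.io`, the file-extension list and the sample tree are assumptions made for this sketch; the thread does not name the domain.

```python
import re
import tempfile
from pathlib import Path

# Assumption: polyfill.io is the CDN domain in question; the thread does not name it.
CDN_HOSTS = ("polyfill.io",)
SCAN_SUFFIXES = {".php", ".js", ".html", ".htm", ".json"}

def build_pattern(hosts=CDN_HOSTS):
    """Match http(s) or protocol-relative URLs on a listed host or its subdomains,
    including JSON-escaped slashes (https:\\/\\/...)."""
    alt = "|".join(re.escape(h) for h in hosts)
    return re.compile(r"(?:https?:)?\\?/\\?/(?:[a-z0-9-]+\.)*(?:" + alt + r")(?![a-z0-9.-])", re.I)

def scan_tree(root, pattern=None):
    """Return (cdn_refs, mentions): lines that load from the CDN vs. lines that
    merely contain the word 'polyfill'. Each entry is (relative_path, line_no, text)."""
    root, pattern = Path(root), pattern or build_pattern()
    cdn_refs, mentions = [], []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in SCAN_SUFFIXES:
            continue
        rel = path.relative_to(root).as_posix()
        text = path.read_text(encoding="utf-8", errors="replace")
        for no, line in enumerate(text.splitlines(), 1):
            if pattern.search(line):
                cdn_refs.append((rel, no, line.strip()[:160]))
            elif "polyfill" in line.lower():
                mentions.append((rel, no, line.strip()[:160]))
    return cdn_refs, mentions

def demo():
    """Scan a constructed sample tree (not taken from any real site)."""
    samples = {
        "wp-content/themes/old/header.php": '<script src="https://cdn.polyfill.io/v3/polyfill.min.js"></script>\n',
        "wp-content/plugins/x/assets.php": "wp_enqueue_script('pf', '//polyfill.io/v3/polyfill.js');\n",
        "wp-content/plugins/x/config.json": '{"src": "https:\\/\\/cdn.polyfill.io\\/v2\\/polyfill.js"}\n',
        "wp-includes/js/dist/vendor/wp-polyfill.min.js": "/* polyfill bundled locally */\n",
        "wp-content/themes/old/app.js": "// polyfill for Array.prototype.includes\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, body in samples.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_tree(root)

if __name__ == "__main__":
    refs, mentions = demo()
    for rel, no, line in refs:
        print(f"CDN REFERENCE  {rel}:{no}: {line}")
    print(f"{len(mentions)} other line(s) mention 'polyfill' without loading it from the CDN")
```

To check a real site, call `scan_tree()` on the WordPress root directory. It reads files only, so a script URL stored in the database or added by a plugin at runtime shows up only in the rendered page source, which is worth checking as well.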