Although this is not a direct WordPress vulnerability, it is a severe vulnerability that webmasters should be aware.
A new paper out this week details the exploit of MD5 and Certificate Athorities (CA). What makes this such a scary and threatening attack is the use of MD5 to secure a website identity. Using the HTTPS protocol, web surfers verify the identity of secure sites by checking for the lock icon and the use of HTTPS in the web address.
Using this exploit, an attacker can fake the authenticity of a website by …