On May 20, 2023, WordPress 6.2.2 was released to address a regression — a bug introduced in 6.2.1 that broke shortcode functionality — as well as a security issue. Because 6.2.2 is a security release, you should update your sites… Continue Reading →
May 27, 2023 marks a major milestone in the history of digital publishing: 20 years since the first official public release of WordPress core. Born from a simple need to publish writing and photos on the web quickly, it’s no… Continue Reading →
This week, WordPress 6.2.1 was released — the first security and maintenance update for the 6.2 version line. This release patched 5 security vulnerabilities, including Cross-Site Scripting (XSS), Cross-site request forgery (CSRF), and path traversal vulnerabilities. If you have your… Continue Reading →
This week, 66 vulnerabilities may affect over 5.8 million WordPress sites. There are 42 plugin vulnerabilities and five in themes that have security patches available, so run those updates! Additionally, there are 18 plugin vulnerabilities and one theme with no… Continue Reading →
AI writing tools can help you effectively generate valuable and engaging content for humans. In this article, you’ll learn what works well, what doesn’t, and the habits of mind you need to adopt to make the best use of an… Continue Reading →
Yesterday, Google announced “The Beginning of the End of the Password.” By this time next year, you may not be using passwords anymore. The Great Password Extinction is Already Underway Imagine a world without passwords. You can still log into… Continue Reading →
With the release of iThemes Security Pro 7.3.4, you will be able to specify whether browsers should require additional verification when a passkey is used to log into WordPress or defer to the browser’s own preferred behavior. We have released… Continue Reading →
This week, 162 vulnerabilities may affect over 8 million WordPress sites. There are 74 plugin vulnerabilities with security patches available, so run those updates if you use these plugins! Additionally, there are 88 plugin vulnerabilities with no patch available yet…. Continue Reading →
This week, 160 vulnerabilities may affect over 8 million WordPress sites. There are 68 plugin vulnerabilities with security patches available, so run those updates if you use these plugins! Additionally, there are 92 plugin vulnerabilities with no patch available yet…. Continue Reading →
Session hijacking is a type of cyberattack that WordPress site owners need to know about. Also known as TCP session hijacking, session hijacking allows attackers to pretend to be a logged-in user on a website. The attacker takes over a… Continue Reading →
This week, 116 vulnerabilities may affect over 6 million WordPress sites. There are 67 plugin vulnerabilities and 2 themes with security patches available, so run those updates if you use these plugins! Additionally, there are 45 plugin vulnerabilities and 2… Continue Reading →
We’re releasing iThemes Security Pro 7.3.2 today. This maintenance update will initiate a phased rollout that encrypts 2FA secret codes in the WordPress database by default. Historically, iThemes Security didn’t encrypt the random secret codes for two-factor authentication in the… Continue Reading →
This week, 79 vulnerabilities may affect over 6.6 million WordPress sites. There are 55 plugin vulnerabilities and 5 themes with security patches available, so run those updates if you use these plugins! Additionally, there are 19 plugin vulnerabilities with no… Continue Reading →
Cross-Site Request Forgery (CSRF or XSRF) vulnerabilities are rarely high or critical in their severity ratings. They still can do a lot of harm, however. They’ve been the second most common WordPress vulnerability in recent years after Cross-Site Scripting (XSS)… Continue Reading →
Half of all internet traffic isn’t human activity — it’s bots. Spambots, search bots, Twitterbots, and DDoS bots are just a few common types of web robots. They’re everywhere in the online world, and not all of them are bad…. Continue Reading →
