WP News Desk

Your WordPress News Dashboard

Category

WordPress Security

Multiple Vulnerabilities Patched in Email Subscribers & Newsletters Plugin - Wordfence Blog

A few weeks ago, our Threat Intelligence team identified several vulnerabilities present in Email Subscribers & Newsletters, a WordPress plugin with approximately 100,000+ active installs. We disclosed this issue privately to the plugin’s development team who responded quickly, releasing interim… Continue Reading →

5 Common WordPress Security Issues - iThemes

If you own a WordPress-powered website or are considering using WordPress as your CMS, you may be concerned about potential WordPress security issues. In this post, we’ll outline a few of the most common WordPress security vulnerabilities, along with steps… Continue Reading →

WP-VCD: The Malware You Installed On Your Own Site - Wordfence Blog

One of the most prevalent malware infections facing the WordPress ecosystem in recent weeks is a campaign known as WP-VCD. Despite the relatively long existence of the campaign, the Wordfence threat intelligence team has associated WP-VCD with a higher rate… Continue Reading →

All you need to know about ethical hacking - WordPress Arena

Today one worldwide phenomenon which has proved to be a revolutionary in the IT sector is Hacking. People who have the technical know-how to manipulate the data and control the networks with an intention of stealing and breaching sensitive data… Continue Reading →

What’s File Integrity Monitoring? (And Why You Need to Know More About It) - Kinsta Blog

A default and up-to-date WordPress installation with a strong password is quite secure. However, to survive on the internet that is not enough. That’s where File Integrity Monitoring (FIM) comes into play. A File Integrity Monitoring tool or plugin monitors… Continue Reading →

Stored XSS Patched in SyntaxHighlighter Evolved Plugin - Wordfence Blog

Description: Stored XSSCVSS Severity Score: 6.1 (Medium)CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NAffected Software: SyntaxHighlighter EvolvedPlugin Slug: syntaxhighlighterAffected Version: 3.5.0Patched Version: 3.5.1 While doing a security audit of the plugins and themes we run on wordfence.com, I discovered a stored XSS vulnerability in SyntaxHighlighter… Continue Reading →

Open Redirect Vulnerability Patched In Bridge Theme - Wordfence Blog

Description: Open RedirectCVSS v3.0 Score: 7.1 (High)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:LAffected Software: Two built-in plugins packaged with the Bridge theme – Qode Instagram Widget and Qode Twitter FeedPlugin Slugs: qode-instagram-widget, qode-twitter-feedAffected Versions: Bridge Theme: 18.2 / Plugins: 2.0.1Patched Version: Bridge Theme: 18.2.1… Continue Reading →

The Best WordPress Pop-Up Plugin, Now With New Security Options - WPMU Dev

The best WordPress optin plugin just keeps getting better. Improve your hustle with the latest features of Hustle! The new security features covered in this blog post are included with the free version of Hustle, but you get a whole lot… Continue Reading →

Medium Severity Vulnerability Patched in Fast Velocity Minify Plugin - Wordfence Blog

Description: Full Path DisclosureCVSS v3.0 Score: 4.3 (Medium)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NAffected Plugin: Fast Velocity MinifyPlugin Slug: fast-velocity-minifyAffected Versions: <= 2.7.6Patched Version: 2.7.7 A few days ago, our Threat Intelligence team identified a vulnerability present in Fast Velocity Minify, a WordPress… Continue Reading →

Pagely Security Updates - Pagely Blog

This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]

5 Ways to Secure Your WordPress Website - iThemes

It feels like every week there’s another security breach in the news. It can cause panic, especially when we think website security has to be complicated. But protecting your WordPress website doesn’t have to be hard. WordPress security is easier… Continue Reading →

Fixing WordPress Security Challenges – A Complete Guide - WordPress Arena

Did you know that out of the top 10 million websites, WordPress is used by nearly a third of all sites? It has nearly 60% market share among content management systems. The customizability and functionality of WordPress make it the… Continue Reading →

WordPress Security Guide: 14 Pro Tips To Secure A WordPress Website - Shout Me Loud

Looking to improve the security of your WordPress website? Here I’m sharing all the tips and strategies that I have learned running this award-winning WordPress blog. Just to let you know, In recent times, WordPress has been highly targeted by… Continue Reading →

Authentication Bypass Vulnerability in GiveWP Plugin - Wordfence Blog

Description: Authentication Bypass with Information DisclosureCVSS v3.0 Score: 7.5 (High)CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NAffected Plugin: GiveWPPlugin Slug: giveAffected Versions: <= 2.5.4Patched Version: 2.5.5 A few weeks ago, our Threat Intelligence team discovered a vulnerability present in GiveWP, a WordPress plugin installed on over… Continue Reading →

WordPress Vulnerability Roundup: September 2019, Part 2 - iThemes

Several new WordPress plugin and theme vulnerabilities were disclosed during the last half of September, so we want to keep you aware. In this post, we cover recent WordPress plugin and theme vulnerabilities and what to do if you are… Continue Reading →

8 WordPress Security Infographics to Download & Share - iThemes

Love infographics? We do, too! From WordPress security basics to how to secure your website, we have 8 WordPress security infographics for you to download and share. 1. Five Ways to Secure Your WordPress Website It feels like every week… Continue Reading →

Zero Day Vulnerability in Rich Reviews Plugin Exploited In The Wild - Wordfence Blog

Description: XSS Via Unauthenticated Plugin Options UpdateAffected Plugin: Rich ReviewsAffected Versions: <= 1.7.4CVSS Score: 8.3 (High)CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L The Wordfence Threat Intelligence team is tracking a series of attacks against an unpatched vulnerability in the Rich Reviews plugin for WordPress. The… Continue Reading →

The Passwordless Future of WordPress [Webinar Replay] - iThemes

In this webinar, Michael Moore explains why passwords are soon to be a relic of the past and why are all of the major tech companies trying to kill passwords. He also walks through how to use the new iThemes… Continue Reading →

The Comprehensive Guide to WordPress Security in 2019 - Pagely Blog

The benefits of this WordPress security guide are two fold: Learn exactly what you need to know about WordPress security in 2019. Understanding WordPress security helps you adopt a security-oriented […]

5 Things You Need To Do If Your WordPress Website Has Been Hacked - WP Mayor

Having your WordPress site hacked is not something you ever want to experience, but it happens more often that we’d like. There are ways to help prevent hacks, but if it happens to you, here are a few things you… Continue Reading →

© 2019 WP News Desk — Powered by WordPress and WP RSS Aggregator | Hosted by WP Engine

Up ↑