On May 13, 2021 01:00 UTC, WordPress core released a security patch for a Critical Object Injection vulnerability in PHPMailer, the component that WordPress uses to send emails by default. If your site is set to allow auto updating of… Continue Reading →
This post first appeared May 7, 2021 on the Sucuri blog. In this post, we look at how to use WPScan. The tool provides you a better understanding of your WordPress website and its vulnerabilities. Be sure to check out… Continue Reading →
On February 2, 2021, our Threat Intelligence team responsibly disclosed the details of a vulnerability in External Media, a WordPress plugin used by over 8,000 sites. This flaw made it possible for authenticated users, such as subscribers, to upload arbitrary… Continue Reading →
We are on the threshold of the biggest release in the history of iThemes Security Pro! Ch-ch-ch-ch-changes, update to get the change. To help get you ready for this epic update, we’re sharing a sneak peek of some of the… Continue Reading →
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. This report covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. Each… Continue Reading →
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. This report covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. Each… Continue Reading →
If you’re serious about your website’s security, then it’s time to learn about the dangers of SQL injections and how you can combat them. The term SQL injection (also called SQLi) refers to a type of cyberattack technique that is… Continue Reading →
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. This report covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The… Continue Reading →
If you’re serious about your website’s security, then it’s time to learn about the dangers of remote code execution vulnerabilities and how you can combat them. The term remote code execution (RCE) refers to several different hacking techniques and cyberattacks,… Continue Reading →
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. This post covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The… Continue Reading →
If you’re concerned about cross-site scripting and how it impacts your WordPress website, you’re definitely not being paranoid. While the vulnerability of cross-site scripting, or XSS, is not exclusive to WordPress site owners, its potential negative impacts on WordPress sites… Continue Reading →
New WordPress plugin and theme vulnerabilities were disclosed during the second week of April. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on… Continue Reading →
If you run a WordPress site, no doubt you’ve dealt with bots. They’re seemingly everywhere in the online world, and not every one of them is bad. But when it’s time to stop bots in WordPress, some approaches work better… Continue Reading →
Malware is the bane of most site owners’ online journey. New threats emerge daily and a successful attack can bring your operation down by defacement, tanking your SEO, or harvesting […]
New WordPress plugin and vulnerabilities were disclosed during the first week of April. This post provides a report of recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes… Continue Reading →
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]
WordPress is a tool that bloggers initially used, but it has become a popular website builder and is used by many website owners and companies over the years. It has proven itself to be an excellent content managing platform. Its… Continue Reading →
New WordPress plugin and theme vulnerabilities were disclosed during the final week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on… Continue Reading →
New WordPress plugin and theme vulnerabilities were disclosed during the third week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on… Continue Reading →
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]
During a recent audit we discovered an unauthenticated remote code execution in the plugin e-signature. All versions less than 1.5.6.8 are vulnerable. Disclosure / Response Timeline January 7, 2021: Initial […]
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]
