Page 131 of 142
Marika Moffitt is a story-driven pet photographer serving pets and their people in the Greater Seattle Area and beyond. As the owner of Dirtie Dog Photography, Marika focuses on helping her clients stay connected to the animals they love by… Continue Reading →
Three critical privilege escalation vulnerabilities in the Ultimate Member plugin put over 100,000 sites at risk. We also talk about the Page Experience metric to be added as a ranking signal for Google search in May 2021 and what this… Continue Reading →
This week I talk about ageism in technology [powerpress]
A hosting provider exposed over 63 million customer records via an open elastic search database containing verbose logs with plain-text username/password credentials for numerous WordPress, Magento and other sites. We also talk about the security updates in WordPress 5.5.2/5.5.3 and… Continue Reading →
Skip Cohen has been in the photographic industry his entire adult life, and in many ways, he is the heart and soul of the industry. Skip is the President and founder of Skip Cohen University, CMO for Platypod, and past… Continue Reading →
We cover a couple of breaking stories this week, including the emergency release of WordPress 5.5.3 on Friday, October 30. In preparation for this, a number of sites autoupdated to version 5.5.3-alpha. We also look at the the defacement of… Continue Reading →
An easily exploitable SQL injection vulnerability was discovered in the Loginizer plugin installed on over one million WordPress sites, causing the WordPress team to force an update to sites using the vulnerable version. The Justice Department is filing antitrust suit… Continue Reading →
Rachel Brenke is an author, photographer, lawyer, and business consultant for photographers and bloggers. She is currently helping creative industry and blogging professionals all over the world initiate, strategize, and implement strategic business and marketing plans through various mediums of… Continue Reading →
In today’s episode I provide an update on what’s happening around here 🙂 Terrible internet 75Hard Challenge Relaunching PharmToTable.Life WooCommerce 101 Webinars on Thursdays Now the editor of the Distributed Podcast School’s back in session Designing my new home office… Continue Reading →
On this week’s episode of Think Like a Hacker, we chat about the cross-site request forgery (CSRF) vulnerability found in the Child Theme Creator by Orbisius and how attackers could use a vulnerability like this with spearphishing to wreak havoc,… Continue Reading →
A vulnerability discovered by the Wordfence Threat Intelligence team in the WPBakery plugin exposes over 4 million sites. High severity vulnerabilities were discovered in the Post Grid and Team Showcase plugins. The online avatar service Gravatar, has been exposed to… Continue Reading →
In this episode, Scott asks a very important question. Have you given up on WordPress? Being that you are tuning in to this episode and that WordPress runs a third of the Internet, we imagine you have not given up… Continue Reading →
Shopify reports that two rogue employees stole data from 200 merchants on their platform. A security researcher found a vulnerability in the Medium Partner Program could have allowed an attacker to steal writers’ earnings. Symantec reports that a state-sponsored hacking… Continue Reading →
Our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites. These vulnerabilities could have allowed an attacker to modify arbitrary files, including PHP files. The US government Cybersecurity and… Continue Reading →
Jenny Midgley is a digital content specialist, brand, and marketing photographer. She is the co-host of the Girls Who Do Stuff podcast, and wrangler of tiny humans; surviving on coffee and laughter and the occasional fries and milkshake. Jenny helps… Continue Reading →
Vulnerabilities were recently patched in the Discount Rules for WooCommerce plugin installed on over 40,000 WordPress sites. Developers from OWASP Core Rule Set said ModSecurity v3 is exposed to denial of service exploits, though the maintainers of ModSecurity reject that… Continue Reading →
Millions of attacks have been targeting the recent File Manager plugin zero-day vulnerability discovered last week. Two attackers are vying for control over sites compromised through the vulnerability. A security researcher has revealed that specially crafted Windows 10 themes can… Continue Reading →
In this episode, Scott talks about what happens when a plugin conflict breaks things on your WordPress site. Specifically, Scott addresses a recent major conflict between two popular plugins, WooCommerce and WP Rocket Cache. He offers advice to follow when… Continue Reading →
Over 700,000 WordPress users were affected by a zero-day vulnerability in the File Manager plugin, and the WordPress 5.5.1 release fixed millions of sites affected by deprecation of jQuery Migrate. SendGrid is under siege from spammers using hacked accounts, and… Continue Reading →
Announcements Hackers are exploiting a critical flaw affecting >350,000 WordPress sites Jetpack 8.9 Ways to grow subscribers and collect donations Automattic and WordPress iOS woes Is there a plugin for that? With more than 50,000 plugins in the WordPress repository,… Continue Reading →
The Google Chrome web browser has a high-severity vulnerability that could be used to execute arbitrary code, which has been fixed in Chrome version 85. Google also announced that Chrome 86 will alert users if a form submission is using… Continue Reading →
Dive into WordPress 5.5 with us and see what is new that will help you create new content with the amazing block editor. See how you can keep your site running fast and secure and how you can modify images… Continue Reading →
Announcements No announcements this week Is there a plugin for that? With more than 50,000 plugins in the WordPress repository, it’s hard to find the perfect one. Each week, I will highlight an interesting plugin form the repository. For more… Continue Reading →
The Wordfence Threat Intelligence team discovered vulnerabilities in the Advanced Access Manager plugin installed on over 100,000 WordPress sites. A high severity authorization bypass could lead to privilege escalation and site takeover. Critical vulnerabilities found in the Quiz and Survey… Continue Reading →
WordPress 5.5 was released on August 11 with a number of important updates, including a new feature allowing auto-updates of themes and plugins as well as changes to the block editor. The popular Astra theme was suspended from the repository… Continue Reading →
Announcements WordPress 5.5 Released P2 Theme Launches WordPress Cancels All In-Person Flagship Events Until 2022 Is there a plugin for that? With more than 50,000 plugins in the WordPress repository, it’s hard to find the perfect one. Each week, I… Continue Reading →
Our Threat Intelligence team disclosed numerous vulnerabilities this week, including a critical vulnerability in the Divi and Extra themes as well as the Divi Builder plugin. In total, this vulnerability affected over 700,000 sites. A vulnerability found in The Official… Continue Reading →
In this week’s news, our Threat Intelligence team discovered a vulnerability in the wpDiscuz plugin, affecting over 80,000 WordPress sites. A blind SQL injection attack affected analytics service Waydev, exposing OAuth tokens for GitHub repositories for software companies, leading to… Continue Reading →
Announcements WordPress 5.5 Release Candidate Are Plugin Authors to Blame for the Poor Admin Notices Experience? WordPress to Stick with Online-Only Meetups and WordCamps for Remainder of 2020 Is there a plugin for that? With more than 50,000 plugins in… Continue Reading →
