We are seeing a disturbing trend emerging from the WordPress community in the past few days and that is an upsurge of reported security breaches. We strongly recommend website admins to perform a security scan of their websites right now and address … [Read more...]
Critical Security Flaw in outdated WooCommerce NAB Transact Plugin
A critical flaw has just been recently disclosed for the widely used payment gateway, WooCommerce extension NAB Transact. By exploiting a vulnerability in the plugin, attackers could potentially fool vendor systems into believing payment … [Read more...]
WordPress 5.5 “Eckstine” + WooCommerce 4.3.2 Released
WordPress 5.5 “Eckstine” Release WordPress.org has just released WordPress 5.5 "Eckstine", which arrives with a host of speed, security, search, accessibility, block editor, and developer functionality improvements. For more information, please … [Read more...]
The Official Facebook Chat Plugin Created Vector for Social Engineering Attacks
The Official Facebook Chat Plugin, a WordPress plugin installed on over 80,000 sites, is a simple plugin that adds a “Facebook Messenger” chat pop-up to a WordPress site and connects a chosen Facebook page to receive messages and interact with site … [Read more...]
Over 300,000 Sites Potentially Vulnerable Due to Newsletter Plugin
After recently patching a vulnerability last month, Newsletter, a WordPress plugin installed in over 300,000 websites, was discovered to have two additional, more serious vulnerabilities, a Cross-Site Scripting(XSS) vulnerability and a PHP Object … [Read more...]
How to Choose The Best Theme for WooCommerce?
With this pandemic, it has become essential for many businesses to have an online presence. One of the easiest ways to create an ecommerce store is to use WooCommerce on WordPress. If you are creating a new site, you will need to decide on what theme … [Read more...]
Critical Vulnerability Found in All in One SEO Pack Potentially Affecting 2 Million Users
A medium severity security issue has been discovered on the popular plugin All In One SEO Pack, installed in over 2 million sites. The vulnerability allows authenticated users with contributor level permissions and above the ability to inject … [Read more...]
KingComposer PageBuilder Plugin XSS Vulnerability Patched
As per similar instances with other PageBuilder plugins in recent months, a Cross-Site Scripting(CSS) vulnerability has been found on KingComposer, a WordPress PageBuilder plugin installed on over 100,000 sites. This vulnerability has been fully … [Read more...]
WordPress 5.4.2 Released (Security and Maintenance)
WordPress version 5.4.2 has now been released. This is a security and maintenance release so it is recommended to update to this version as soon as possible, especially if you are experiencing any bugs on your current WordPress version. WP … [Read more...]
Outdated Websites Vulnerable in Large Scale Attack Campaign
The Wordfence team reports at least 130 million attacks were detected between May 29 to May 31, 2020. The attacks were intended to harvest a website's database credentials by downloading the configuration files. Most of the … [Read more...]
- 1
- 2
- 3
- …
- 15
- Next Page »
