As per similar instances with other PageBuilder plugins in recent months, a Cross-Site Scripting(CSS) vulnerability has been found on KingComposer, a WordPress PageBuilder plugin installed on over 100,000 sites. This vulnerability has been fully … [Read more...]
Elementor Pro and Ultimate Addons for Elementor – Ongoing Attack Puts 1 Million Sites at Risk
An ongoing attack is currently being carried out exploiting vulnerable users of the plugins: Elementor Pro and Ultimate Addons for Elementor. It is estimated that Elementor Pro is installed on over 1 million sites and that Ultimate … [Read more...]
Vulnerabilities Patched in Page Builder by SiteOrigin – Affects Over 1 Million Sites
On May 4, 2020, two vulnerabilities were discovered on the Page Builder by SiteOrigin plugin, a WordPress plugin actively installed on over 1,000,000 sites. If an attacker can trick a site administrator to perform a planned action … [Read more...]
Critical Vulnerability in WordPress Site Kit by Google Plugin
A vulnerability in the plugin Site Kit by Google, a WordPress plugin installed on over 400,000 sites, was discovered last month. Site Kit is the all-in-one solution to integrate a WordPress website with the critical Google tools. The flaw … [Read more...]
Critical Vulnerabilities Found on PageLayer Page Builder Plugin
Several vulnerabilities were previously discoverd on the plugin Page Builder: PageLayer – Drag and Drop website builder, a WordPress plugin actively installed on over 200,000 websites. This marks another Page Builder plugin with vulnerabilities … [Read more...]
WooCommerce Websites Targeted by Malware Via Ongoing Wave of Exploits
During a recent investigation, the team at Sucuri have identified malware that collects sensitive data currently spreading to target WooCommerce websites in compromised hosting environments. The malware is spread via an ongoing wave of … [Read more...]
Outdated Websites Vulnerable in Large Scale Attack Campaign
The Wordfence team reports at least 130 million attacks were detected between May 29 to May 31, 2020. The attacks were intended to harvest a website's database credentials by downloading the configuration files. Most of the … [Read more...]
WordPress 5.4.2 Released (Security and Maintenance)
WordPress version 5.4.2 has now been released. This is a security and maintenance release so it is recommended to update to this version as soon as possible, especially if you are experiencing any bugs on your current WordPress version. WP … [Read more...]
WooCommerce 4.1 + Storefront 2.5.6
WooCommerce 4.1 release WooCommerce 4.1 is now available. It has been in development since March 2020 and has around 400 commits from 28 contributors. This release focuses on various performance improvements and stability fixes. For more … [Read more...]
WooCommerce 4.2 + Storefront 2.5.7
WooCommerce 4.2 release WooCommerce 4.2 is now available. In development since April 2020, it has about 294 commits from 28 contributors. This is a backwards-compatible minor release focusing on stability and performance. For more … [Read more...]
