Items tagged with WordPress
Recently, a plugin utilized by over a million WordPress site owners was discovered to have a bug in a prior release that logged passwords in plaintext. While the problem has since been fixed in an update, credentials may still be floating around in logs, so be sure to take a look.
The All-In-One Security (AIOS)...
Read more...
A WordPress plugin with over 2 million active installations left its users open to an alarming security flaw. The popular Advanced Custom Fields (ACF) plugin by WP Engine allows WordPress admins to add custom fields throughout their sites for an enhanced content management system experience. However, if left...
Read more...
No April Fools here; only April vulnerabilities abound with the popular WordPress addon Elementor, used by millions of websites worldwide. Adding insult to injury, threat actors are now exploiting this vulnerability to tweak settings and redirect traffic to malicious sites, among other problems.
Elementor is a...
Read more...
WordPress is one of the most popular and thus commonly used content management systems (CMS) on the web. However, it has a particular problem with add-on, extension, and plug-in authors abandoning their projects, and subsequently leaving gaping holes in site security. A case in point has been highlighted by the...
Read more...
No one in computer security can catch a break lately, it seems, as yet another two major cybersecurity flaws have been found related to web servers.
Named Sysrv-K by security researchers on Microsoft's Security Intelligence Twitter, te vulnerabilities install botnets, which will run a crypto-coin miner on infected...
Read more...
Researchers say you should upgrade a popular WordPress plugin sooner than later, or else you could end up losing access to your website, and potentially your web server!
If you exist on the internet, you likely know of or have seen at least one WordPress site. The content-management software is likely the most...
Read more...
It would seem that not even GoDaddy can keep all the children of the internet behaving as they should. The very popular internet domain registrar and web hosting giant announced yesterday that its security was compromised last week.
GoDaddy announced yesterday that it had discovered on November 17th there was an...
Read more...
Google is on a mission to crumble the third-party cookie infrastructure that the web is largely based on, as it relates to lucrative targeted advertising efforts, and rebuild things with an initiative called FLoC, or Federated Learning of Cohorts. Not without controversy, Google's FLoC ad-tracking has drawn an...
Read more...
As the coronavirus pandemic continues around the world, everyone's lives have changed. The way we work and learn is significantly different now than it was only a few months ago as people shelter in place, and offices and schools around the globe have been forced to move to a distance model. Teaching from home has...
Read more...
It is estimated that there are over 50,000 WordPress plugins and more than 1.25 billion total plugin downloads. However, not all plugins are created equal. Security researchers recently discovered plugin vulnerabilities that could affect over 400,000 WordPress-based sites. These vulnerabilities were found in the...
Read more...
Own a website that runs on WordPress? You'll want to pay attention to this story. Since last week, there's been an ongoing brute-force attack that's targeted stand-alone WordPress installations. Like most login prompts, WordPress' will lock you out for some time after putting in an incorrect password a certain number...
Read more...
