For your WordPress protection, be informed about the latest WordPress Core vulnerability, fixed in security release WordPress 4.8.3 from October 31, 2017. This bug creates unexpected and unsafe conditions ripe for a SQL injection attack, exposing sites created on the content management system to account takeovers. If this sounds familiar,…
For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Content Timeline Multiple Blind SQL Injection reported by Jeroen (IT Nerdbox). One unauthenticated and two authenticated injections in the premium ‘Content Timeline’ WP plugin. Author contacted twice without any response. remove this plugin to fix vulnerabilities, as…
For your WordPress protection, be informed about the latest WordPress Core vulnerabilities fixed in security release WordPress 4.8.2 from September 2017. WordPress versions 4.8.1 and earlier are affected by these security issues: $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly…
For your WP Security, be informed about the latest vulnerabilities in WP plugins: Participants Database Cross site scripting (XSS) reported by Benjamin Lim (https://limbenjamin.com). Exploit allows attackers to inject arbitrary Javascript via the Name parameter. immediately update to version 1.7.5.9 to fix vulnerability Display Widgets Backdoored reported by Jonas Lejon…
For your WordPress protection, be informed about the latest vulnerabilities in WP plugins: AddToAny Share Buttons Conditional Host Header Injection reported by Paul Dannewitz. It’s possible to inject a custom Host-Header, that will be used for building the link, which is going to be shared on Social Media platforms when…
Your freshly installed, brand new WP is discovered faster than you imagine. Amazingly, even before you are informed. Find out how in this post. New WordPress installs are the main focus for smart hackers. The race to take over a fresh WP reached new epic heights. We live in a…
If you are unable to receive WordPress emails, then there is a chance that your server is hacked to send spam emails to all of us. You should not feel bad about spamming your friends and loved ones because by current statistics 90% of all e-mail is SPAM. There are…
For your WordPress protection, be informed about the latest vulnerabilities in WP plugins: WP Statistics SQL injection reported by Sucuri. Exploit allows to create an admin-level user and sign in to your WordPress as an admin. Cross-Site Scripting (XSS) reported by Dewhurst Security. Exploit allows attackers to compromise a WordPress…
If you are unable to login to your WordPress site, then there is a chance that hackers may have compromised your admin account from WordPress. There are some common tell-tale signs that should help you figure out if your WordPress site is compromised. Don’t panic, but this is serious! In…
