WordPress 4.9.7 is now available. This is a privacy and maintenance release, that fixes 17 bugs. We encourage you to update your sites to take advantage of the new privacy features. From the WordPress 4.9.7 release post, WordPress versions 4.9.6 and earlier (detailed in our post here: 2 WORDPRESS CORE VULNERABILITIES...
WP SERVICES
For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Redirection Authenticated Local File Inclusion reported by Ryan (Dewhurst Security). ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem. If you are logged in as an administrator on any site...
For your WordPress protection, be informed about the NEW UNPATCHED WordPress Core vulnerability. Publicly known since its first official report on June 26, 2018 or it's official disclosure 7 months ago. All versions of WordPress starting with the latest 4.9.6 and below have the Authenticated Arbitrary File Deletion vulnerability. WordPress...
4 easy steps for GDPR compliance: Our disaster recovery plan: Can you hear me now? Collecting, but not us: So targeted: 99.99% compliant: Complaince look: Everybody needs to be compliant: The Final Countdown: GDPR Resume: GDPR Dating: GDPR Deadline: Delegating compliance within the team:
The Data Subject is a natural person (a human being) whose personal data is processed by a controller or processor (or both). For example, a data subject can be your website visitor, your customer or even your employee. GDPR Art. 4 (1): ‘personal data’ means any information relating to an...
Processing can be any activity or set of activities performed on personal data, e.g. viewing, collecting, storing, transferring, modifying, erasing. Simply put, pretty much anything you do with your customers’ data on purpose is “processing.” GDPR Art. 4 (2): ‘processing’ means any operation or set of operations which is performed...
For your WP Security, be informed about the latest vulnerabilities in WordPress themes: BBE Theme Direct Object Reference reported by Ryan (Dewhurst Security). The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor. immediately upgrade to version 1.53 to fix the vulnerability
For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Form Maker by WD CSV Injection reported by Ryan (Dewhurst Security). Custom Forms version 1.12.20 is affected by the vulnerability Remote Command Execution using CSV Injection. This allows a public user to inject commands as a part...
You, as WordPress owner, you are the controller A controller is someone who determines the purpose (the why) and means (the how) of processing personal data. If you own a website that does anything with its visitor's personal data, you are the controller. You control your customers’ data and you...
You MUST get an explicit agreement to your Terms and Conditions and Privacy Policy from your visitors, customers, if they interact with your online presence (website, emails, social media, etc), no matter what they do. Examples are (but not limited): creating an account; signing up; requesting information from you; commenting...