WP Security: premium theme vulnerability in February 2019

For your WordPress protection, be informed about the latest WordPress Core vulnerability, fixed in WordPress 4.9.2 Security and Maintenance Release from January 16, 2018. WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement). MediaElement has released a new version that contains a fix for the…

For your WordPress protection, be informed about the latest WordPress Core vulnerability, fixed in security release WordPress 4.8.3 from October 31, 2017. This bug creates unexpected and unsafe conditions ripe for a SQL injection attack, exposing sites created on the content management system to account takeovers. If this sounds familiar,…

Attackers have relied more and more on social engineering to trick users into revealing credentials, installing malware or wiring funds. Few of us are still tempted to send money to distressed Nigerian princes anymore. But the basic principles behind those early email scams are alive and well. We see them…

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. WordPress versions 4.9 and earlier are affected by 4 security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team’s ongoing commitment to security…

WordPress security is often referred to as “reinforcement” or “hardening”. Makes sense. After all, the process is like adding reinforcements to your existing security, hardening the current capabilities. We created a few fun quizzes, to allow users to test their own WordPress Security skills. All these quizzes can be 100%…

If you are unable to login to your WordPress site, then there is a chance that hackers may have compromised your admin account from WordPress. There are some common tell-tale signs that should help you figure out if your WordPress site is compromised. Don’t panic, but this is serious! In…

Security: Newer browsers protect you better against viruses, scams and other threats. Outdated browsers are slow and have security holes. Speed: Every new browser generation improves speed. Even minor updates can make a considerable difference to speed factors. Technological compatibility: Modern websites are taking advantages of all the new features…

WP Security bulletin – June 2019 At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest 47 vulnerabilities in WordPress plugins identified and reported publicly in June 2019. As these vulnerabilities are disclosed, when you use one (or more) of these outdated plugins – your…

Social engineering approaches further matured in both phishing and malware attacks, with increased geotargeted malware attacks. For all the known WordPress Security issues, these were the most identified types: BANKING TROJANS: This type of malware steals victims bank login credentials, usually by redirecting victims’ browser to a fake version of…