Verizon has agreed to sell micro-blogging website Tumblr to WordPress owner Automattic Inc, Wall Street Journal reports. The price amount for the deal is yet to be known. However, according to Axios, it’s well under $10 million. This is not even one-third of the price Yahoo paid when it acquired Tumble 6 years ago. “We […]
Experts in vulnerability testing discovered a critical flaw in Ad Inserter, a plugin for advertising management on WordPress sites. If exploited, this flaw would allow any low-privileged user to execute code on the compromised web server. After the presence of this flaw was verified, multiple members of the cybersecurity community recommended that system administrators using […]
WordPress and other CMS (Content Management System) are heaven-sent for non-programmers, as they can build and update the contents of their website without knowing any programming languages or scripting techniques. Developers of CMS are on-top of the situation when it comes to fixing bugs and security vulnerabilities of their products, however, the same CMS feature […]
WordPress.org is a blogging platform that is owned and hosted online by Automattic. It is run on a modified version of WordPress, an open source piece of software used by bloggers. This website provides free blog hosting for registered users and is financially supported via paid upgrades, “VIP” services and advertising. The site opened to […]
Cybersecurity specialists recommend e-commerce WordPress websites using the WooCommerce plugin to remain alert due to the presence of a critical vulnerability that, if exploited, could allow hackers to take control of trade movements on a compromised website. Plugin Vulnerabilities, a company dedicated to the security of sites in WordPress, was in charge of revealing the […]
WordPress websites need to be protected against SQL injection threats. SQL (Structured Query Language) is a widely used database language, a domain specific language that’s designed for managing data in a relational database management system (RDBMS). SQL injection attacks, which happen by exploiting security vulnerabilities in an application’s software, happen when malicious SQL statements are […]
Cyber forensics course specialists report an active campaign to exploit two critical vulnerabilities in Social Warfare, one of the most used social media plugins, to take control over WordPress websites that use a non updated version of this plugin. Social Warfare is a plugin widely used by WordPress site administrators and has been downloaded almost […]
Here comes news about another WordPress website security breach carried out by exploiting plugin vulnerabilities. Reports say that hackers have been exploiting vulnerabilities in a popular social media sharing plugin on WordPress. The Hacker News reports, “Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing […]
Take your business to the next level in 2019, with the best WordPress plugins to? There are over 50k WordPress plugins to choose from, and the user has plenty to think about which one to go for. We have narrowed it down to the best 10 WordPress plugins. 1. Beaver Builder Most business website owners […]
Mailgun’s WordPress website has been hit by a spray-and-pray hacking campaign, as part of the massive attack on WordPress websites. Mailgun, email automation, and delivery service providers have been targeted by this attack, which is part of the coordinated attacks on WordPress websites exploiting a plugin-related vulnerability. ZDNet reports, “Email automation and delivery service Mailgun […]
WPScan is a WordPress security scan for detecting and reporting WordPress vulnerabilities. WordPress is a free online Open source content Managed system focused on PHP and MySQL. It is one of the powerful and most used blogging tools. As there is too many up’s and down’s in WordPress usage, it requires a security improvement, so […]
The use of a Content Management System (CMS) to manage websites is heaven sent for non-programmers. The ease of use through a WYSIWYG editor it provides is like publishing a content similar to how to write articles in a word processor program. Problem with CMS is its complexity is hidden from the web content writer/publisher, […]
Scan WordPress websites for vulnerabilities WPScan Kali Linux WPScan is a black box vulnerability scanner for WordPress websites. WPScan comes pre-installed in Kali Linux. Kali Linux is a popular Linux distribution built on Debian Kali Linux comes with many of the best ethical hacking tools pre-installed. If you’re not using Kali Linux and you […]
CMS based sites such as WordPress and Joomla are the popular targets for cybercriminals, they hijack those sites and inject malicious contents. ThreatLabZ researchers detected a campaign that targets WordPress and Joomla sites to distribute Shade/Troldesh ransomware, backdoors, redirectors, and a variety of phishing pages. Hackers use to hijack several hundreds of CMS sites and […]
Apparently, the malware attack is carried out by Russian speaking hackers. The IT security researchers at Zscaler have discovered a sophisticated malware campaign targeting websites based on WordPress and Joomla content management system (CMS). The campaign works in such a way that hackers take advantage of a hidden directory on HTTPS and exploit vulnerabilities in extensions, plugins, and themes […]
If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it’s highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your website. Simon Scannell, a researcher at RIPS Technologies GmbH, who previously reported multiple critical vulnerabilities in WordPress, […]
As WordPress gained popularity over its CMS competitors like Joomla and Drupal, it grew to a level where plugin developers jumped into the bandwagon effect. Plugins are a double-edged sword; it extends WordPress’ capabilities beyond the default functions. But it comes with risks which if not checked can cause trouble for the website. Woocommerce Abandoned […]
Are you planning to hand over admin access of your WordPress site to someone else? You certainly need to take some steps to ensure the security of your WordPress website. Since your WordPress site is your creation and you have put in a lot of hard work and efforts to make it what it is […]
Exclusive — If you have not updated your website to the latest WordPress version 5.0.3, it’s a brilliant idea to upgrade the content management software of your site now. From now, I mean immediately. Cybersecurity researchers at RIPS Technologies GmbH today shared their latest research with The Hacker News, revealing the existence of a critical […]
Many WordPress websites have come under attack via a zero-day flaw in an abandoned plugin. The “Total Donations” plugin, which was earlier used by many WordPress website owners, has now started creating issues. Some hackers have started exploiting an unpatched vulnerability in the code of this plugin to attack WordPress websites. Security experts at Defiant, […]
The plugin’s users are recommended to change their passwords on WPML’s website following havoc reportedly wrought by a disgruntled ex-employee