Last fall as wildfires ravaged much of Australia, we were deeply affected by the stories of destruction coming out of numerous communities. As a global company with customers and friends in the region affected by these events, we looked for opportunities to help, much like we did with the WordCamp Asia Cancellation Fee Assistance program. […]
More info:
https://www.wordfence.com/blog/2020/04/wordfence-helping-our-friends-in-australia-fight-bush-fires/
Jim Walker Free Consultation by Phone We Fix Hacked Websites Fast (619) 479-6637. Today’s WordPress hackers are smarter. Many malware removal services focus on symptom hunting instead of providing complete website security. By symptom hunting, I’m referring to the use of automated scanners to search for and remove malicious scripting from within website files. A […]
More info:
https://hackrepair.com/blog/wordpress-symptom-hunting-malware-removal-services-and-the-anyone-can-register-hack
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10998&actp=RSS
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11002&actp=RSS
The FTC is reporting numerous scams targeting fears and uncertainty, with over $12 million lost to Coronavirus-related scams. We also cover BBB warnings against oversharing on social media, over 500,000 Zoom credentials found on the dark web, Google’s removal of malicious Chrome extensions, as well as recent plugin and theme vulnerabilities. We also chatted with […]
More info:
https://www.wordfence.com/blog/2020/04/episode-73-security-news-and-success-through-processes-with-adam-silver/
Today we are excited to announce WP Security Audit Log 4.0.3. It features an improved WooCommerce activity log sensor with broader coverage, support for the new WooCommerce 4.0 and the new admin tool, an activity log add-on for bbPress, and many other plugin updates. Let’s dive right in for more details on what is new […]
More info:
https://www.wpsecurityauditlog.com/releases/update-4-0-3/
New WordPress plugin and theme vulnerabilities were disclosed during the first half of April, so we want to keep you aware. In this post, we cover recent WordPress plugin, theme and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup […]
More info:
https://ithemes.com/wordpress-vulnerability-roundup-april-2020-part-1/
On March 12, 2020, our Threat Intelligence team discovered a stored Cross-Site Scripting (XSS) vulnerability in Widget Settings Importer/Exporter, a WordPress plugin with over 40,000 installations. This flaw allowed an authenticated attacker with minimal, subscriber-level permissions to import and activate custom widgets containing arbitrary JavaScript into a site with the plugin installed. We reached out […]
More info:
https://www.wordfence.com/blog/2020/04/unpatched-high-severity-vulnerability-in-widget-settings-importer-exporter-plugin/
A few weeks ago, our Threat Intelligence team discovered a vulnerability in Accordion, a WordPress plugin installed on over 30,000 sites. This flaw allowed any authenticated user with subscriber-level and above permissions the ability to import a new accordion and inject malicious Javascript as part of the accordion. We initially reached out to the plugin’s […]
More info:
https://www.wordfence.com/blog/2020/04/vulnerability-patched-in-accordion-plugin/
A few weeks ago, our Threat Intelligence team discovered a vulnerability in Accordion, a WordPress plugin installed on over 30,000 sites. This flaw allowed any authenticated user with subscriber-level and above permissions the ability to import a new accordion and inject malicious Javascript as part of the accordion. We initially reached out to the plugin’s […]
More info:
https://www.wordfence.com/blog/2020/04/vulnerability-patched-in-accordion-plugin/
