New WordPress plugin and theme vulnerabilities were disclosed during the second half of December. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress […]
More info:
https://ithemes.com/wordpress-vulnerability-roundup-december-2020-part-2/
The SolarWinds supply chain attack is all over the news, impacting government agencies, telecommunications firms, and other large organizations. The security firm FireEye was the first victim of the attack, disclosing that they had been hacked on December 8, 2020. On December 13th the US Treasury Department announced that it had also been compromised. At […]
More info:
https://www.wordfence.com/blog/2020/12/solarwinds-and-supply-chain-attacks-could-it-happen-to-wordpress/
Chloe Chamberland is a threat analyst and member of the Wordfence Threat Intelligence Team. She holds the following certifications: OSCP, OSWP, OSWE, Security+, CySA+, PenTest+, CASP+, SSCP, Associate of (ISC)2, CEH, ECSA and eWPT. Many of these are advanced certifications including OSCP and OSWE which are 24 and 48 hour exams respectively, that require hands-on […]
More info:
https://www.wordfence.com/blog/2020/12/who-attacked-solarwinds-and-why-wordpress-users-need-to-know/
It’s not unusual to see website owners running things on a budget. Choosing a safe and reliable hosting company, buying a nice domain name, boosting posts on social media, and ranking on search engines — all this costs a lot of money. At the end of the day, some site owners may even choose to […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/5HXxjdP_fig/seo-spam-links-in-nulled-plugins.html
Users are often looking for ways to tweak their websites, plugins and themes, or to add some modifications to an existing functionality. In most of these cases, you can do so by adding custom code to your WordPress website. There is nothing wrong with adding custom code to your website. However, there are a few […]
More info:
https://www.wpwhitesecurity.com/safely-add-custom-code-wordpress-websites/
