Don’t Miss WP Engine’s All-Virtual DE{CODE} 2021!

Born out of the idea that the best developers in the world are those who never stop learning, we’re excited to kick off WP Engine’s second-annual DE{CODE} event this Thursday, March 4th, at 10 a.m. CST! DE{CODE} is a 100% virtual, developer-focused conference aimed at helping developers build better sites with WordPress, both faster and… […] More info: https://wpengine.com/blog/dont-miss-wp-engines-all-virtual-decode-2021/

Episode 107: Two Plugin Vulnerabilities Target File Upload Capabilities

The Wordfence Threat intelligence team finds vulnerabilities in two plugins, the User Profile Picture plugin and the WooCommerce Upload Files plugin. WordPress 5.7 is set to release on Tuesday, March 9 with numerous enhancements for the block editor, a new robots.txt API, and a stay of execution on jQuery-migrate. A zero day affecting Microsoft Exchange […] More info: https://www.wordfence.com/blog/2021/03/episode-107-two-plugin-vulnerabilities-target-file-upload-capabilities/

Episode 107: Two Plugin Vulnerabilities Target File Upload Capabilities

The Wordfence Threat intelligence team finds vulnerabilities in two plugins, the User Profile Picture plugin and the WooCommerce Upload Files plugin. WordPress 5.7 is set to release on Tuesday, March 9 with numerous enhancements for the block editor, a new robots.txt API, and a stay of execution on jQuery-migrate. A zero day affecting Microsoft Exchange […] More info: https://www.wordfence.com/blog/2021/03/episode-107-two-plugin-vulnerabilities-target-file-upload-capabilities/

How to manually backup your WordPress website without a plugin

It’s important to understand the most fundamental WordPress tasks when running your site. Security, of course, should be one of your primary considerations. Creating a manual WordPress backup should also be in your toolbox. You should use a dedicated backup plugin or online service to automatically back up your website. However, by knowing how to […] More info: https://www.wpwhitesecurity.com/manual-wordpress-backup-without-plugin/

How to manually backup your WordPress website without a plugin

It’s important to understand the most fundamental WordPress tasks when running your site. Security, of course, should be one of your primary considerations. Creating a manual WordPress backup should also be in your toolbox. You should use a dedicated backup plugin or online service to automatically back up your website. However, by knowing how to […] More info: https://www.wpwhitesecurity.com/manual-wordpress-backup-without-plugin/

BIND vulnerability CVE-2020-8625

BIND vulnerability CVE-2020-8625 Security Advisory Security Advisory Description BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In ... More info: https://support.f5.com/csp/article/K13591074?utm_source=f5support&utm_medium=RSS

BIND vulnerability CVE-2020-8625

BIND vulnerability CVE-2020-8625 Security Advisory Security Advisory Description BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In ... More info: https://support.f5.com/csp/article/K13591074?utm_source=f5support&utm_medium=RSS

SQL Triggers in Website Backdoors

Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries inject an admin level user into the infected database whenever the trigger condition is met. What makes this especially problematic for website owners is that most malware cleanup guides focus […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/YO_WM-0196E/sql-triggers-in-website-backdoors.html

Episode 106: Admin Password Resets, Blockchain Botnets and a Central Management RCE

WordPress 5.7 is due to be released on March 9, and it will allow administrators to send password reset emails to users. A botnet is abusing the Bitcoin blockchain for command and control, while VMWare fixes a critical remote code execution bug in all default vCenter installations. Android users now have an easy way to […] More info: https://www.wordfence.com/blog/2021/02/episode-106-admin-password-resets-blockchain-botnets-and-a-central-management-rce/

WordPress Plugin: Disable WP Robots

WordPress 5.7 features a new Robots API that provides filter-based control over the robots meta tag. So if your site is running WordPress 5.7 or better, you will notice a new tag included in the section of your web pages. By default, the meta tag added by WordPress has a value of max-image-preview:large, […] More info: https://perishablepress.com/wordpress-disable-wp-robots/
Translate »