On March 4, 2021, the Wordfence Threat Intelligence team initiated responsible disclosure for a Time-Based Blind SQL Injection vulnerability discovered in Spam protection, AntiSpam, FireWall by CleanTalk, a WordPress plugin installed on over 100,000 sites. This vulnerability could be used to extract sensitive information from a site’s database, including user emails and password hashes, all […]
More info:
https://www.wordfence.com/blog/2021/05/sql-injection-vulnerability-patched-in-cleantalk-antispam-plugin/
As WordPress grows, both in usage as a CMS and in participation as a community, it’s important for us to shed the idea that software creation is only about what literally can be done to code or what literally can be done to core or what literally can be done to the CMS. That was […]
More info:
https://wordpress.org/news/2021/05/the-month-in-wordpress-april-2021/
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. This report covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. Responsible disclosure and reporting of vulnerabilities is […]
More info:
https://ithemes.com/wordpress-vulnerability-report-may-2021-part-1/
If you’re serious about your website’s security, then it’s time to learn about the dangers of SQL injections and how you can combat them. The term SQL injection (also called SQLi) refers to a type of cyberattack technique that is a common way for hackers to compromise websites of all kinds, including sites that run […]
More info:
https://ithemes.com/sql-injection-wordpress/
A vulnerability discovered in Packagist, which is used by Composer to manage PHP package requests, could have allowed attackers to trick Composer into downloading backdoored source code, potentially affecting all WordPress sites. Packagist reports that it’s not aware of any exploits. A SQL injection vulnerability was patched in the CleanTalk AntiSpam plugin installed on over […]
More info:
https://www.wordfence.com/blog/2021/05/episode-116-packagist-patch-shows-how-supply-chain-threats-could-impact-wordpress/
This article covers our public notifications related to major security issues our clients and the WordPress community should know about. We are always focused on prevention and the mitigation of […]
More info:
https://pagely.com/blog/wordpress-security-updates-april-2021/
Most site owners are well-aware of the impact of both good and bad Search Engine Optimization (SEO). As such, monitoring how SEO affects your site is vital. In fact, there’s a simple way to keep a log of Yoast SEO changes across your entire site. We develop an activity log extension with which you can […]
More info:
https://wpactivitylog.com/keep-log-yoast-seo-changes/
Mark your calendars for VMware Security’s annual cybersecurity conference, Security Connect 2021, June 3-4. This free online event will bring together thousands of security leaders and practitioners from around the world to explore what’s changing and what’s next in security. Tap into a wide range of content including visionary keynotes, expert-led technical sessions, interactive activities, hands-on labs, and more. Register and learn […]
More info:
https://blogs.vmware.com/security/2021/05/security-connect-2021-june-3-4-redefining-security-together-register-now.html?utm_source=rss&utm_medium=rss&utm_campaign=security-connect-2021-june-3-4-redefining-security-together-register-now
GNU Libmicrohttpd vulnerability CVE-2021-3466. Security Advisory Description: A flaw was found in libmicrohttpd in versions before 0.9.71. A missing bounds check in the post_ ...
More info:
https://support.f5.com/csp/article/K47306214?utm_source=f5support&utm_medium=RSS
VMware is excited to sponsor RSA Conference 2021, one of the year’s largest security events offering hundreds of immersive sessions and ways to collaborate with peers. The theme of this year’s conference, held virtually from May 17-20, is Resilience. At VMware, attaining and sustaining resiliency is in our DNA. In fact, it’s one of the […]
More info:
https://blogs.vmware.com/security/2021/05/building-greater-resilience-vmware-at-rsac-2021.html?utm_source=rss&utm_medium=rss&utm_campaign=building-greater-resilience-vmware-at-rsac-2021