WordPress 5.5 is Now the Default for New WP Engine Sites
WordPress 5.5 “Eckstine” is the second major release for WordPress this year, and it’s jam-packed with exciting features and functionality—it’s also now the current default version of WordPress for all new sites built on WP Engine’s managed WordPress platform. If...Critical Privilege Escalation Vulnerabilities Affect 100K Sites Using Ultimate Member Plugin
On October 23, 2020, our Threat Intelligence team responsibly disclosed several vulnerabilities in Ultimate Member, a WordPress plugin installed on over 100,000 sites. These flaws made it possible for attackers to escalate their privileges to those of an administrator...Episode 94: Hosting Provider Exposed 63 Million Customer Records
A hosting provider exposed over 63 million customer records via an open elastic search database containing verbose logs with plain-text username/password credentials for numerous WordPress, Magento and other sites. We also talk about the security updates in WordPress...