Statistics highlight the biggest source of WordPress vulnerabilities
We all know that plenty of WordPress sites are getting hacked each year. Is it because WordPress is an insecure system? Is it a global WordPress issue, or does it come from those webmasters’ actions? How, and why is it happening? Whether you are running a personal...
WP Activity Log 4.1.4: the new extension for Yoast SEO & improved coverage
We are happy to announce the launch of WP Activity Log 4.1.4. This update includes a lot of improvements, and is particularly important for Yoast SEO plugin users. From now on the activity log for Yoast SEO functionality will be available through an extension. With...
SiteCheck Malware Report: September Summary
Our free SiteCheck tool helps website owners remotely scan their website to detect malware infections, blacklisting status, website errors, and other anomalies. Scanning a website’s external HTML source code provides immediate results, without the need to install any...Vulnerability Exposes Over 4 Million Sites Using WPBakery
On July 27th, our Threat Intelligence team discovered a vulnerability in WPBakery, a WordPress plugin installed on over 4.3 million sites. This flaw made it possible for authenticated attackers with contributor-level or above permissions to inject malicious JavaScript...
iThemes Security Pro Feature Spotlight – WordPress Security Logs
In the Feature Spotlight posts, we will highlight a feature in the iThemes Security Pro plugin and share a bit about why we developed the feature, who the feature is for, and how to use the feature. Today we will cover the iThemes Security Pro WordPress Security Logs,...High Severity Vulnerabilities in Post Grid and Team Showcase Plugins
On September 14, 2020, our Threat Intelligence team discovered two high severity vulnerabilities in Post Grid, a WordPress plugin with over 60,000 installations. While investigating one of these vulnerabilities, we discovered that almost identical vulnerabilities were...
Getting The Right WordPress Security Assistance: An Interview With Gerasimos From Codeable
We already know the security of your site is important. But this is an undertaking that is hard to do properly without the expertise of a website professional who truly specializes in website security (and backups). Finding the right expert is equally as important, as...Episode 89: Shopify Rogue Employees, Medium and Twitter Vulnerabilities, and Hackers Hiding Out in Corporate Networks
Shopify reports that two rogue employees stole data from 200 merchants on their platform. A security researcher found a vulnerability in the Medium Partner Program could have allowed an attacker to steal writers’ earnings. Symantec reports that a state-sponsored...