WordPress Vulnerability Roundup: September 2020, Part 2
Quite a few new WordPress plugin and theme vulnerabilities were disclosed during the second half of September, making this one of our largest round-ups to date. In this post, we cover recent WordPress plugin, theme, and core vulnerabilities and what to do if you are...
Activity log for WPForms 1.1: logs for integration of third party services & more!
We are excited to announce a new update of Activity Log for the WPForms. With this extension for the WP Activity Log plugin you can keep a log of changes your team does on forms and the WPForms plugin settings. In this update we focused mostly on improving the...Critical Vulnerabilities Patched in XCloner Backup and Restore Plugin
On August 14, our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites. This flaw gave authenticated attackers, with subscriber-level or above capabilities, the ability to...
How to fix HTTP 500 Internal Server Error in WordPress
Are you frustrated trying to fix the HTTP 500 Internal Server Error on your WordPress site? You’re not alone. This is one of the most dreaded errors on WordPress because it never has a straightforward solution. Troubleshooting can take a lot of time and meanwhile,...Episode 87: Vulnerabilities Affect Discount Rules for WooCommerce Plugin, ModSecurity & Windows
Vulnerabilities were recently patched in the Discount Rules for WooCommerce plugin installed on over 40,000 WordPress sites. Developers from OWASP Core Rule Set said ModSecurity v3 is exposed to denial of service exploits, though the maintainers of ModSecurity reject...
How to log user activity on your website while employees are remote working
With the pandemic still very much a feature of working lives globally, the number of employees working remotely has dramatically surpassed pre-virus levels. Even after normality is hopefully restored at some point during 2021. It’s expected that at least 25-30% of...High-Severity Vulnerabilities Patched in Discount Rules for WooCommerce
On August 20, 2020, the Wordfence Threat Intelligence team was made aware of several vulnerabilities that had been patched in Discount Rules for WooCommerce, a WordPress plugin installed on over 40,000 sites. We released a firewall rule to protect against these...
New! Banned Users Gets an Upgrade in iThemes Security Pro 6.7.0
The iThemes Security Pro Banned Users feature just got an upgrade. Banned Users version now gives you more flexibility on how bans are enforced on your website. Plus, with the new Banned Users Security Card, you can manage your bans directly from your WordPress...