The Month in WordPress: June 2021
Once you step into contribution time, your main concern is the users of WordPress, or new contributors, or the health of the WordPress ecosystem as a whole or the WordPress project. So you get all this subject matter expertise from competitive forces, collaborating in...Hardening PHP for WordPress
WordPress runs on PHP, and is a core component to pay attention to when hardening your WordPress site. This article will cover some of the most common, low-hanging fruit you can address when it comes to PHP security for WordPress. Heads up – Be careful when...
Online Credit Card Theft – A Brief Overview of Online Fraud and Abuse – Part 2
In my previous post about ecommerce credit card swipers I described the general overview of the online ecommerce environment as well as some of the reasons behind why websites become compromised with this type of malware. In this post I will go into some more detail...
WordPress Vulnerability Report: June 2021, Part 5
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable...
WordPress 5.8 Release Candidate
The first release candidate for WordPress 5.8 is now available! Please join us in celebrating this very important milestone in the community’s progress towards the final release of WordPress 5.8! “Release Candidate” means the new version is ready for release,...
CSS: Odd Bug with Colons and Combined Pseudo Elements
According to specification (and these helpful posts by Chris Coyier), CSS pseudo elements like ::before and ::after should be written with two preceding colons. It can be confusing because while pseudo elements are prefixed by two colons, like ::element, pseudo...Monthly WordPress Security Roundup [June 2021]
Hello everyone, it’s Kanishk again from Astra Security, bringing you the latest in WordPress security with another version of our Monthly WordPress Security Roundup for June 2021. We will be discussing vulnerabilities disclosures & bug fixes in the WP core,...Easily Exploitable Critical Vulnerabilities Patched in ProfilePress Plugin
On May 27, 2021, the Wordfence Threat Intelligence team initiated the responsible disclosure process for several vulnerabilities that were discovered in ProfilePress, formerly WP User Avatar, a WordPress plugin installed on over 400,000 sites. These flaws made it...