WordPress Vulnerability Roundup: December 2020, Part 1
New WordPress plugin and theme vulnerabilities were disclosed during the first half of December. This post covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress...WordPress 5.6 “Simone”
Meet Simone, our latest and greatest WordPress release. Named for the legendary performer Nina Simone, who is known for tunes like “Feeling Good”, “Young, Gifted and Black”, and “Four Women”. Fire up a playlist with her best work...
WordPress 5.6 Introduces a New Risk to Your Site: What to Do
WordPress 5.6, the final major release planned for 2020, comes out today, on December 8, 2020. It includes a few major features and updates, as well as a huge number of minor enhancements and bug fixes. A few changes have immediate implications for security and...
Fake WordPress Functions Conceal assert() Backdoor
A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting. Among 246 other lines, this very specific part stood out to me: $config =...
WP 2FA 1.5: Fully responsive wizard & performance updates
Today we are excited to announce update 1.5 of the WP 2FA plugin. The highlight of this update is the new fully responsive 2FA wizard and a much improved and efficient code. In this update we have also improved a lot of under the hood things. Let’s dive right in for a...
WordPress Vulnerability Roundup: October 2020, Part 1
New WordPress plugin and theme vulnerabilities were disclosed during the first half of October. In this post, we cover recent WordPress plugin, theme, and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website....