Astra Web Security Blog - Website & CMS Security News

astra, web, security, blog, website, cms, security, news

Explore easily with these CMS filters

Export Users to CSV is a WordPress plugin that allows website owners/admins to export users list and metadata in a CSV file. While testing the plugin, I was able to find that it is vulnerable to CSV Injection. CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files. When a spreadsheet program such as…

Do you know how strong your Magento security is? What if someone else finds a vulnerability in your store before you do? To answer these questions you can do a Magento security audit. An audit is necessary to understand how effective your security is and where reinforcements are required. There are several services that offer security audits for your Magento…

How to Do a WordPress Security Audit?

WordPress is one of the most widely used CMS around the world. However, over 70% of WordPress websites are vulnerable to attacks. Shockingly most people don't know if they are vulnerable or not. Most web owners go years without ever checking their website's security status. No wonder they are the first to get hacked. Knowing your vulnerabilities is the first step in patching them. This is where the WordPress security audit comes in.

It’s hard to find a website security guide that does not list Website Security Audit as a must. Cybersecurity enthusiasts have been highlighting the need for a website security audit for a while now. But it is only now that web owners started acknowledging it as a necessity for their business. A reliable website security audit analyzes your web system…

Joomla Security Audit & Penetration Testing: Steps & Tools

Till today, there are 130 CVEs recorded in the Joomla CMS. Getting your site hacked not only costs you heavily but also is a nuisance. Each hack on a Joomla website incurs a loss of data, money, business, trust & reputation to the website as well as CMS. There have already been countless cases of Joomla hacks.

Drupal Security Audit & Penetration Testing: Steps & Tools

Drupal has been a popular choice for CMS however, it's security has been a point of debate. The Drupal team has always claimed it to be the more secure CMS among the popular ones. Contrary to this claim, some critics have claimed that Drupal's security is no different than any other CMS.

Are you into web development? Or do you own a website? If yes, then chances are that you have used PHP at some point. PHP stands for Hypertext Preprocessor, is one of the most commonly used scripting languages for web development. Well-known websites such as Facebook, Wikipedia and WordPress are built using PHP as their back end script language. However, as…

Most organizations dread vulnerabilities in their website. Since unpatched vulnerabilities & bugs invite attacks, it is in your best interest to safeguard your website in advance. A cyber attack can allow any hacker to have access to all your customer records, their financial information, and other sensitive information. The risks are too high. In fact, the cost of a malware…

As we all know, WordPress now is the world's most popular open-source CMS for many years. WordPress operates on the criteria of being delicious and cheap. Hence, it is strongly supported by the web developer community. However, its popularity is followed by potential dangers. This article will cover the question "Is WordPress safe?" and some issues stirring the whole society…

Free Website Security Scanner

Close