Posts By Naman Rastogi

Authentication Bypass Vulnerability in WP Time Capsule Ver

WP Time Capsule is quite a popular WordPress plugin when it comes to WordPress back-ups & staging. It has turned the complex processes of backing up & staging a click's affair. However, given the fragile nature of security in WordPress plugins, vulnerability disclosures are not quite unexpected. Certainly, the WP Time Capsule plugin is no exception. In fact, on the 8th of January, a serious Authentication Bypass Vulnerability was discovered in this popular plugin.

Vulnerability in Ultimate Addons for Elementor & Beaver Builder - Update Required

Critical vulnerability found in Popular WordPress plugins Ultimate Addons for Elementor and Ultimate Addons for Beaver Builder. Developed by Brainstorm Force team, it makes a set of plugins easily accessible for your WordPress website. Ultimate Addons released an advisory on both its websites regarding the patch of vulnerability. However, it does not detail the vulnerability in the advisory. Nevertheless, we dug the vulnerability details from other sources.

WP maintenance plugin has been found to be vulnerable to CSRF and stored XSS. On November 15th, WordFence reported the vulnerability to WP maintenance plugin's developers. Following which the plugin developers (Florent Malliefaud) urgently patched the vulnerability in just a day. Version 5.0.6 is free of vulnerabilities. We recommend you update your plugin from any previous version to this. About…

Plugin Name: GiveWP Vulnerability: Authentication Bypass with Information Disclosure Affected Versions: <= 2.5.4 Patched Version: 2.5.5   Just a few weeks ago, a vulnerability was detected in GiveWP, a WordPress plugin installed on more than 70,000 websites.  Considered a high-security issue, this vulnerability is affecting the websites running Give 2.5.4 or below, as such must be updated to version 2.5.5. …

Astra's Web Hosting Malware Scanner and Antivirus

Hosting servers are the foothold of a website. Reasonably, it becomes a nightmare for the administrator if the hosting server goes south due to a malware infection. It is nothing less than painful to detect the source & level of infection. Furthermore, the search for the solution in these cases seems endless. But, your pain would have been relieved long back, had you found a good web host malware scanner.

Not every Drupal website needs or wants traction in each country within the world. Websites like a flower shop, bakery, car wash, laundry, babysitting, lawn mowing, etc. may be relevant only to locals of an area. Overseas attention might be irrelevant & absurd for these Drupal sites. Now, this is where country blocking comes as a relief. Unless you consciously…

How Does Magento Card Skimming Work & How to be safe?

Magento Card Skimming is the practice of illegally stealing credit/debit info by injecting malicious scripts called 'skimmers' on a Magento website. If you are an owner of a Magento-powered website then this article is for you. Here, we bring to you a good resource with all the necessary details revolving around Magento card skimming security issue.

Free Website Security Scanner