WP Time Capsule is quite a popular WordPress plugin when it comes to WordPress back-ups & staging. It has turned the complex processes of backing up & staging a click's affair. However, given the fragile nature of security in WordPress plugins, vulnerability disclosures are not quite unexpected. Certainly, the WP Time Capsule plugin is no exception. In fact, on the 8th of January, a serious Authentication Bypass Vulnerability was discovered in this popular plugin.
Critical vulnerability found in Popular WordPress plugins Ultimate Addons for Elementor and Ultimate Addons for Beaver Builder. Developed by Brainstorm Force team, it makes a set of plugins easily accessible for your WordPress website. Ultimate Addons released an advisory on both its websites regarding the patch of vulnerability. However, it does not detail the vulnerability in the advisory. Nevertheless, we dug the vulnerability details from other sources.
WP maintenance plugin has been found to be vulnerable to CSRF and stored XSS. On November 15th, WordFence reported the vulnerability to WP maintenance plugin's developers. Following which the plugin developers (Florent Malliefaud) urgently patched the vulnerability in just a day. Version 5.0.6 is free of vulnerabilities. We recommend you update your plugin from any previous version to this. About…
Plugin Name: GiveWP Vulnerability: Authentication Bypass with Information Disclosure Affected Versions: <= 2.5.4 Patched Version: 2.5.5 Just a few weeks ago, a vulnerability was detected in GiveWP, a WordPress plugin installed on more than 70,000 websites. Considered a high-security issue, this vulnerability is affecting the websites running Give 2.5.4 or below, as such must be updated to version 2.5.5. …
Hosting servers are the foothold of a website. Reasonably, it becomes a nightmare for the administrator if the hosting server goes south due to a malware infection. It is nothing less than painful to detect the source & level of infection. Furthermore, the search for the solution in these cases seems endless. But, your pain would have been relieved long back, had you found a good web host malware scanner.
Not every Drupal website needs or wants traction in each country within the world. Websites like a flower shop, bakery, car wash, laundry, babysitting, lawn mowing, etc. may be relevant only to locals of an area. Overseas attention might be irrelevant & absurd for these Drupal sites. Now, this is where country blocking comes as a relief. Unless you consciously…
The worldwide web celebrated its 30th anniversary in March this year. A lot has changed since it first made an appearance. While addressing the celebratory event, inventor Berners-Lee said: “The web is not the web we wanted in every respect.” Ailing with menace like cybercrimes, data breaches, privacy compromisations, the web has become quite a scary place to be. To…
Many web administrators complain when their website starts displaying a message as "This site is temporarily unavailable". They often blame it on the hosting service provider. But what is it that causes Siteground account suspension? Billing issue can be one reason and it is very minor too. There are lot of things that cumulatively contribute to the suspension of your hosting account. What are those factors? And, what are some of the do's and don'ts to prevent your hosting account from getting suspended? Find out in this article.
Magento Card Skimming is the practice of illegally stealing credit/debit info by injecting malicious scripts called 'skimmers' on a Magento website. If you are an owner of a Magento-powered website then this article is for you. Here, we bring to you a good resource with all the necessary details revolving around Magento card skimming security issue.
OpenCart Security has become a hot topic of discussion amongst security professionals. Read this article to gain insight about top attacks on OpenCart websites.
