Category Archives CMS

A distributed denial of service is a cyber-attack which aims at deranging the normal functioning of a server by flooding the targeted website with malicious traffic. As a result, the server becomes unavailable to users and your website faces downtime. If defined plainly, distributed denial of service or the DDoS attack is an elaborate and powerful cyberattack designed to disrupt…

WordPress version 4.4 and onwards include REST API infrastructure in the core. What does this mean for your website’s security? How to disable WP API JSON in WordPress? Read on to find out. What is the REST API? REST is short for Representational State Transfer. It is a standard client-server protocol that makes your website available as a web service.…

WordPress Meta Generator Tag generates codes or tags for search engines to pick up your page titles and meta descriptions. These are HTML codes used to describe the content of a page. Meta generators are always put within the head section of the code. However, displaying the meta generator tags has security issues attached to it.

Today, it is a lot easier to manage websites on the internet. All thanks to the open-source CMS solutions like WordPress, Drupal, Magento, etc. As a result of this, more and more businesses are extending to the virtual world. But proportionately the hacks on these websites are also increasing with every passing year. For someone who is not familiar with…

XMLRPC or XML remote procedure call is a system that grants you remote access to your website. So, you don't have to directly login to WordPress to access your website. By default, this feature is enabled in WordPress. XMLRPC makes your website multifaceted to a certain extent. However, it is often disabled by website owners because of security reasons. This…

Knowing your WordPress version number I can list all the known vulnerabilities in it. So can a hacker. It goes without saying that, it becomes very easy for a hacker to hack you if he knows what you are vulnerable to. Further, lists of the WordPress version number against the known vulnerability in it are too easily available online. Hence,…

One of the most common attacks on WordPress is brute-forcing. In this type of attack, hackers use bots to try hundreds of combinations of usernames and passwords to barge into your WordPress site. However, brute-forcing isn't limited to bots only. There are certain known methods attackers use to find the username, which we'll discuss in this article. Also, you must…

A severe XSS vulnerability has been uncovered inside the Rich Reviews plugin. An estimate has it that the plugin Rich Reviews has more than 16,000 active downloads. Even though critical, the discovery of the vulnerability isn't surprising, given the fact that the plugin has not been updated in more than two years. In fact, Rich Reviews has been removed from…

Plugin Name: GiveWP Vulnerability: Authentication Bypass with Information Disclosure Affected Versions: <= 2.5.4 Patched Version: 2.5.5   Just a few weeks ago, a vulnerability was detected in GiveWP, a WordPress plugin installed on more than 70,000 websites.  Considered a high-security issue, this vulnerability is affecting the websites running Give 2.5.4 or below, as such must be updated to version 2.5.5. …

Free Website Security Scanner

Close