WordPress sites have yet again become the victim of a widespread redirection malware. A lot of WordPress web owners contacted us worried about their websites redirecting or admin panel throwing an error. While doing the cleanups on these websites, we could draw similarities in their hacking fashion. All these websites happened to have been infected by the same redirection malware.…
WordPress Meta Generator Tag generates codes or tags for search engines to pick up your page titles and meta descriptions. These are HTML codes used to describe the content of a page. Meta generators are always put within the head section of the code. However, displaying the meta generator tags has security issues attached to it.
XMLRPC or XML remote procedure call is a system that grants you remote access to your website. So, you don't have to directly login to WordPress to access your website. By default, this feature is enabled in WordPress. XMLRPC makes your website multifaceted to a certain extent. However, it is often disabled by website owners because of security reasons. This…
Knowing your WordPress version number I can list all the known vulnerabilities in it. So can a hacker. It goes without saying that, it becomes very easy for a hacker to hack you if he knows what you are vulnerable to. Further, lists of the WordPress version number against the known vulnerability in it are too easily available online. Hence,…
One of the most common attacks on WordPress is brute-forcing. In this type of attack, hackers use bots to try hundreds of combinations of usernames and passwords to barge into your WordPress site. However, brute-forcing isn't limited to bots only. There are certain known methods attackers use to find the username, which we'll discuss in this article. Also, you must…
A severe XSS vulnerability has been uncovered inside the Rich Reviews plugin. An estimate has it that the plugin Rich Reviews has more than 16,000 active downloads. Even though critical, the discovery of the vulnerability isn't surprising, given the fact that the plugin has not been updated in more than two years. In fact, Rich Reviews has been removed from…
Plugin Name: GiveWP Vulnerability: Authentication Bypass with Information Disclosure Affected Versions: <= 2.5.4 Patched Version: 2.5.5 Just a few weeks ago, a vulnerability was detected in GiveWP, a WordPress plugin installed on more than 70,000 websites. Considered a high-security issue, this vulnerability is affecting the websites running Give 2.5.4 or below, as such must be updated to version 2.5.5. …
Majority of these websites are being run on WordPress in order to maximize their outreach. However, website may not want traction in certain areas of the world due to cases like treaty issue, potential cyber threat, etc. That’s when the feature of Country Blocking in WordPress comes handy. This article is dedicated to explain how to do Country Blocking in WordPress.
A complete DIY guide on WordPress security. A comprehensive guide includes 26 easy steps that you can follow harden your security & reduced the chance of getting hacked.
One of the reasons WordPress has become so widespread is that it’s a breeze to use, sporting a very intuitive UI, simple drag and drop technology, and a number of features which make your life much easier. It’s well-known that even someone who’s never touched WordPress can get a hang of it in less than a day. But that doesn’t mean you can’t do any wrong with it. Mistakes do happen when people use WordPress, and quite often at that.
