With the Google Safe Browsing feature, Google maintains a list of suspicious websites that might be under attack by hackers. When users try to visit an unsafe site, they are met with a red screen displaying a warning message. Google phishing warning appears as “Deceptive site ahead” for sites that are suspected of phishing attacks.
MyBB, earlier known as MyBulletinBoard is a free and open source forum software based on PHP & My SQL. Recently it has been found vulnerable to a critical stored XSS (Cross-Site Scripting) and RCE (Remote-code Execution) in version 1.8.20 and before. Due to this any malefactor holding only a user account on the forum can hijack any board by sending a malicious private message to the administrator or by creating a malicious post.
WP live chat support plugin, with more than 50,000+ installs is, again found vulnerable to grave vulnerability identified as CVE-2019-12498, which lets any unauthorized user to steal chat history or hijack current chat sessions. Versions 8.0.32 and prior are vulnerable.
A fresh vulnerability disclosure in the series of WordPress plugins has come to notice. The WordPress plugin User Submitted Posts lets users upload posts and images from its front end feature. This WordPress plugin user submitted posts plugin currently has more than 30,000 installations. It was quite popular at the time a serious arbitrary file upload vulnerability was found in it. Learn more about the details of User Submitted Posts Exploit in this article.
As the number of online users increases, businesses also need to establish their online presence and image. Thus, websites play a crucial role in establishing and maintaining the online presence of this business. Like the traditional business, these websites need to store extensive data about the organization – company profile, annual reports, event details, contact information, etc. But if websites does not comply with the best website security practices, misfortunes occur.
Trying to secure your WordPress website from attacker? Read this article to see the different steps required for securing wp-config.php file of your WP website.
One of the reasons WordPress has become so widespread is that it’s a breeze to use, sporting a very intuitive UI, simple drag and drop technology, and a number of features which make your life much easier. It’s well-known that even someone who’s never touched WordPress can get a hang of it in less than a day. But that doesn’t mean you can’t do any wrong with it. Mistakes do happen when people use WordPress, and quite often at that.
I am sure, you got a mini heart attack to have your website flagged with a scary looking red screen with the message Deceptive Site Ahead in it. And you have been striving to retrieve your website from that danger ever since maybe. Yes, you are in the right place. In this article, we will try to answer most questions around that dreaded sentence “Deceptive Site Ahead”. Further, we will help you in removing that face shaming message from your website.
JavaScript is being used by 94.5% WordPress websites. But can you trust the security of JavaScript in your WordPress website? Read this article to find out how to secure your WordPress website from JavaScript Malware.
WordPress is currently powering millions of websites on the internet. While this Content Management System is easy-to-use, it has also fallen victim to repeated security attacks over the last 5 years. In this post, you’ll find out what are the platform’s vulnerabilities, the most common attacks, and best WordPress security practices.
