Isn’t it annoying to find out that your WordPress site has been hacked? Here are some reasons that hackers may be interested in your WordPress site. Do not be surprised to know that hackers gain profit from hacking even your ‘little’ WordPress site. For instance, although the hacker’s focus may not be your website per […]
Why Paid WordPress Protection Products Provide Much More Security than Free Security Products
An astounding 1.5 million pages from WordPress were defaced by hackers in 2017. Two disastrous security threats called Specter and Meltdown were found at the beginning of the year 2018. Almost all computer chips manufactured in the past twenty years were thought to be affected. In the past, security breaches like these were common. This […]
Plugin Vulnerability: Download Plugins and Themes from Dashboard
The plugin ‘Download Plugins and Themes from Dashboard’ (https://wordpress.org/plugins/download-plugins-dashboard/) , a plugin that lets you download installed plugins and themes ZIP files directly from your admin dashboard without using FTP with 10,000+ installs has been identified to have multiple security flaws in version less than 1.6. NinTechNet discovered a multiple security issues within the Download […]
Plugin Vulnerability: Theme Editor
The plugin Theme Editor (https://en-gb.wordpress.org/plugins/visualizer/) , a plugin that allows you to edit theme files, create folders and more with 30,000+ installs has been identified to have multiple security flaws in version 2.1 and lower. These vulnerabilities were reported by WebArxSecurity (and details can be found here https://www.webarxsecurity.com/wordpress-theme-editor-plugin-multiple-vulnerabilities/. The author release a fixed version (2.2) […]
Plugin Vulnerability: Visualizer
The plugin Visulalizer (https://en-gb.wordpress.org/plugins/visualizer/) , a tables and charts management plugin with over 40,000 installs has been identified to have a security weakness in versions less than 3.3.1 by security researcher Nathan Davidon ( https://nathandavison.com/ ). The plugin developers released an update yesterday including a fix. Recommendation Our recommendation is to immediately update to version […]
Plugin Vulnerability: Rich Reviews
The plugin Rich Reviews (https://en-gb.wordpress.org/plugins/rich-reviews/) has been closed on the WordPress repository since March 2019 for security issues. However security researchers at WordFence ( https://www.wordfence.com/blog/2019/09/rich-reviews-plugin-vulnerability-exploited-in-the-wild/) have reported that this vulnerability is being exploited in the wild. Recommendation Our recommendation is to immediately remove the Rich Reviews plugin and find an alternative. Users of FullWorks Security […]