Bricks Builder For WordPress RCE Vulnerability

Bricks Builder For WordPress RCE Vulnerability

Bricks Visual Site Builder for WordPress recently patched a critical severity vulnerability rated 9.8/10 which is actively being exploited right now. Bricks Builder Bricks Builder is a popular WordPress development theme that makes it easy to create attractive and fast performing websites in hours that would costs up to $20,000 of development time to do … Read more

WordPress User Survey Indicates Rising Frustration

WordPress released the results of their annual user and developer survey which showed mixed feelings about the direction the software is going and an increasing sense of not being welcome in the overall WordPress community. The Gutenberg Editor Gutenberg is the modernized version of the the default site editor which brings the paradigm of a … Read more

WordPress Website Builder Vulnerability Affects Nearly 1 Million Websites

A significant vulnerability has been patched in the Website Builder by SeedProd that has over 900,000 installations. This vulnerability, present in versions up to and including 6.15.21, poses a risk for unauthorized data modification on WordPress sites. Vulnerability Details: Missing Capability Check The vulnerability that was discovered is called a missing capability check within the … Read more

WordPress 6.4.3 Security Release Fixes Two Vulnerabilities

WordPress announced a security release version 6.4.3 as a response to two vulnerabilities discovered in WordPress plus 21 bug fixes. PHP File Upload Bypass The first patch is for a PHP File Upload Bypass Via Plugin Installer vulnerability. It’s a flaw in WordPress that allows an attacker to upload PHP files via the plugin and … Read more

Better Search Replace WordPress Vulnerability Affects Up To +1 Million Sites

A critical severity vulnerability was discovered and patched in the Better Search Replace plugin for WordPress which has over 1 million active website installs. Successful attacks could lead to arbitrary file deletions, sensitive data retrieval and code execution. Severity Level Of Vulnerability The severity of vulnerabilities are scored on a point system with ratings described … Read more

WordPress File Manager Plugin Vulnerability Affects +1 Million Websites

A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 in severity and could potentially allow unauthenticated attackers to gain access to sensitive information including data contained in site backups. Unauthenticated Attack Vulnerabilities What … Read more

Complianz WordPress GDPR Compliance Plugin Vulnerability

A popular WordPress plugin for privacy compliance with over 800,000 installations recently patched a stored XSS vulnerability that could allow an attacker to upload malicious scripts for launching attacks against site visitors. Complianz | GDPR/CCPA Cookie Consent WordPress Plugin The Complianz plugin for WordPress is a powerful tool that helps website owners comply with privacy … Read more

WordPress Shares Core Web Vitals In 2023 And Impact On Web

In 2023, the WordPress community witnessed a significant milestone in website performance, with Core Web Vitals (CWV) showing significant improvements for both mobile and desktop users. This article delves into the specifics of these improvements, exploring their implications and the evolving landscape of web performance within the WordPress ecosystem. What Are Core Web Vitals? Core … Read more

WordPress Starter Templates AI – Build A Site In 60 Seconds

Astra Starter Templates by Brainstorm Force, with over one million active installations, announced the integration of the ZipWP AI website builder that enables users to create entire websites, including content and images. With over 280 customizable website templates that helps users quickly create professional-looking websites, it’s one of the most popular templates in the world … Read more

WordPress Releases Version 6.4.2 For Critical Vulnerability

WordPress has released version 6.4.2 that contains a patch for a critical severity vulnerability that could allow attackers to execute PHP code on the site and potentially lead to a full site takeover. The vulnerability was traced back to a feature introduced in WordPress 6.4 that was meant to improve HTML parsing in the block … Read more

Critical WordPress Form Plugin Vulnerability Affects Up To +200,000 Installs

Security researchers at Wordfence detailed a critical security flaw in the MW WP Form plugin, affecting versions 5.0.1 and earlier. The vulnerability allows unauthenticated threat actors to exploit the plugin by uploading arbitrary files, including potentially malicious PHP backdoors, with the ability to execute these files on the server. MW WP Form Plugin The MW … Read more

WordPress AMP Plugin Vulnerability Affects Up To 100,000+ Sites

Accelerated Mobile Pages WordPress plugin, with over 100,000 installations, patched a medium severity vulnerability that could allow an attacker to inject malicious scripts to be executed by website visitors. Cross-Site Scripting Via Shortcode A cross-site scripting (XSS) is one of the most frequent kind of vulnerability. In the context of WordPress plugins, XSS vulnerabilities happen … Read more

WordPress 6.4.1 Maintenance Release Fixes Bugs In Version 6.4

WordPress released a maintenance release on Wednesday evening to fix problems discovered shortly after WordPress 6.4 was released to the public on Tuesday November 7th. Two of issues were somewhat serious in that they affected the operation of certain plugins and could cause issues for sites encountering either of the two problems. The third one … Read more

WordPress 6.4 Codenamed “Shirley” Released

WordPress 6.4, code named Shirley was released, featuring a new default theme with many incremental but important enhancements that taken together make WordPress an easier and more intuitive content management system. Josepha Haden Chomphosy, Executive Director of WordPress, described WordPress 6.4 best. She wrote: “Many of the features and enhancements in WordPress 6.4 fall in … Read more

How Astra Is Making WordPress The Top Choice For Business

Astra, the makers of the worlds most popular WordPress templates, announced it is investing in LatePoint, one of the most advanced online booking solutions and in the process is advancing WordPress as the go-to platform for businesses. This move brings the powerful scheduling, booking and payment management capabilities of LatePoint to all users, especially those … Read more

Vulnerability In Fluent Forms Contact Form WordPress Plugin

The popular Fluent Forms Contact Form Builder plugin for WordPress, with over 300,000 installations, was discovered to contain a SQL Injection vulnerability that could allow database access to hackers. Fluent Forms Contact Form Builder Fluent Forms Contact Form Builder is one of the most popular contact forms for WordPress, with over 300,000 installations. Its drag-and-drop … Read more

WordPress LiteSpeed Plugin Vulnerability Affects 4 Million Websites

The popular LiteSpeed WordPress plugin patched a vulnerability that compromised over 4 million websites, allowing hackers to upload malicious scripts. LiteSpeed was notified of the vulnerability two months ago on August 14th and released a patch in October. Cross-Site Scripting (XSS) Vulnerability Wordfence discovered a Cross-Site Scripting (XSS) vulnerability in the LiteSpeed plugin, the most … Read more

Kinsta Unveils Free Hosting for Your Static Sites

Kinsta announced free hosting for up to 100 static websites, including static WordPress sites, and 100 GB bandwidth per month Free hosting offered by Kinsta for static websites, including static WordPress sites 100 GB bandwidth per month per company 1 GB build image size per site Free tier will remain free “forever” according to Kinsta … Read more

We Know You Better!
Subscribe To Our Newsletter
Be the first to get latest updates and
exclusive content straight to your email inbox.
Yes, I want to receive updates
No Thanks!

Subscribe to our newsletter

Sign-up to get the latest marketing tips straight to your inbox.
Give it a try, you can unsubscribe anytime.
Exit mobile version