Google’s John Mueller answered whether having two sites could negatively affect search rankings. His answer is surprisingly applicable to different ways of interpreting the question. Can Having Two Sites Affect Rankings? A person submitted a question to Google where they wanted to know if having two sites could negatively affect their rankings. The question as … Read more
Google’s Gary Illyes answered if switching web hosting platforms could result in a negative outcome for rankings and SEO. It’s a reasonable question because migrating a site to a new web host involves multiple technical factors that can go wrong and have an immediately negative effect. What Does Changing A Website Host Entail? Changing web … Read more
The popular Beaver Builder WordPress Page Builder was found to contain an XSS vulnerability that can allow an attacker to inject scripts into the website that will run when a user visits a webpage. Beaver Builder Beaver Builder is a popular plugin that allows anyone to create a professional looking website using an easy to … Read more
Google’s John Mueller answered a question on Reddit about whether showing different content based on IP address of the site visitor affected SEO. His answer offered insights into Google’s crawling and indexing. Showing Banners For Specific Countries The person asking the question managed a website that wanted to show a banner on the side of … Read more
A popular WordPress backup plugin installed in over 200,000 websites recently patched a high severity vulnerability that could lead to a denial of service attack. Wordfence assigned a CVSS severity level rating of High, with a score of 7.5/10, indicating that plugin users should take note and update their plugin. Backuply Plugin The vulnerability affects the … Read more
A significant vulnerability has been patched in the Website Builder by SeedProd that has over 900,000 installations. This vulnerability, present in versions up to and including 6.15.21, poses a risk for unauthorized data modification on WordPress sites. Vulnerability Details: Missing Capability Check The vulnerability that was discovered is called a missing capability check within the … Read more
A critical severity vulnerability was discovered and patched in the Better Search Replace plugin for WordPress which has over 1 million active website installs. Successful attacks could lead to arbitrary file deletions, sensitive data retrieval and code execution. Severity Level Of Vulnerability The severity of vulnerabilities are scored on a point system with ratings described … Read more
A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 in severity and could potentially allow unauthenticated attackers to gain access to sensitive information including data contained in site backups. Unauthenticated Attack Vulnerabilities What … Read more
Security researchers at Wordfence detailed a critical security flaw in the MW WP Form plugin, affecting versions 5.0.1 and earlier. The vulnerability allows unauthenticated threat actors to exploit the plugin by uploading arbitrary files, including potentially malicious PHP backdoors, with the ability to execute these files on the server. MW WP Form Plugin The MW … Read more
Accelerated Mobile Pages WordPress plugin, with over 100,000 installations, patched a medium severity vulnerability that could allow an attacker to inject malicious scripts to be executed by website visitors. Cross-Site Scripting Via Shortcode A cross-site scripting (XSS) is one of the most frequent kind of vulnerability. In the context of WordPress plugins, XSS vulnerabilities happen … Read more
The popular LiteSpeed WordPress plugin patched a vulnerability that compromised over 4 million websites, allowing hackers to upload malicious scripts. LiteSpeed was notified of the vulnerability two months ago on August 14th and released a patch in October. Cross-Site Scripting (XSS) Vulnerability Wordfence discovered a Cross-Site Scripting (XSS) vulnerability in the LiteSpeed plugin, the most … Read more
Details of a new form of DDOS that requires relatively minimal resources to launch an attack of unprecedented scale, making it a clear danger for websites as server software companies race to release patches to protect against it. HTTP/2 Rapid Reset Exploit The vulnerability takes advantage of the HTTP/2 and HTTP/3 network protocols that allow … Read more
The U.S. Government National Vulnerability Database (NVD) published notice of a critical vulnerability affecting the Forminator WordPress Contact Form plugin up to an including version 1.24.6. Unauthenticated attackers can upload malicious files to websites which, according to the warning, “may make remote code execution possible.” The vulnerability score rating is 9.8, on a scale of … Read more
The WooCommerce Stripe payment gateway plugin was discovered to have a vulnerability that allows an attacker to steal customer personally identifiable information (PII) from stores using the plugin. Security researchers warn that hackers do not need authentication to pull off the exploit, which received a rating of high, 7.5 on a scale of 1 – … Read more
A serious hacking attack has been exploiting ecommerce websites to steal credit card information from users and to spread the attack to other websites. These hacking attacks are called Magecart style skimmer and it’s spreading worldwide across multiple ecommerce platforms. Attackers are targeting a variety of ecommerce platforms: Magento Shopify WooCommerce WordPress What Does the … Read more
Listen NEW! Listen to article Sign in or sign up to access this audio feature! No worries … it’s FREE! The idea that author authority affects Google rankings dates back to 2009. That’s when Google was granted the so-called agent rank patent, and it openly disclosed the news in a release that authorship matters for … Read more
