WordPress Nested Pages Plugin High Severity Vulnerability

Vulnerability in Nested Pages WordPress plugin

The U.S. National Vulnerability Database (NVD) and Wordfence published a security advisory of a high severity Cross Site Request Forgery (CSRF) vulnerability affecting the Nested Pages WordPress plugin affecting up to +100,000 installations. The vulnerability received a Common Vulnerability Scoring System (CVSS) rating of 8.8 on a scale of 1 – 10, with ten representing … Read more

WordPress Takes Bite Out Of Plugin Attacks

WordPress announced over the weekend that they were pausing plugin updates and initiating a force reset on plugin author passwords in order to prevent additional website compromises due to the ongoing Supply Chain Attack on WordPress plugins. Supply Chain Attack Hackers have been attacking plugins directly at the source using password credentials exposed in previous … Read more

WordPress Plugin Supply Chain Attacks Escalate

WordPress plugins continue to be under attack by hackers using stolen credentials (from other data breaches) to gain direct access to plugin code.  What makes these attacks of particular concern is that these supply chain attacks can sneak in because the compromise appears to users as plugins with a normal update. Supply Chain Attack The … Read more

Automattic For Agencies: A New Way To Monetize WordPress

Automattic, the company behind WordPress.com, Jetpack, WooCommerce and more, have announced a new program to woo Agencies into their ecosystem of products with more ways to earn revenue. This new program could be seen as putting Automattic into direct competition with closed source systems like Wix and Duda but there are clear differences between all … Read more

WordPress, Wix, Squarespace, Joomla, Duda, & Drupal

The Core Web Vitals technology report shows that five out of six of the most popular content management systems performed worse in April 2024 when compared to the beginning of the year. The real-world performance data collected by HTTPArchive offers some clues about why performance scores are trending downward. Core Web Vitals Technology Report The … Read more

WordPress Releases Way To Build Sites On A Windows Desktop

Last month WordPress released a way to create or test WordPress sites on the desktop but the app was limited to Apple Mac devices. This month WordPress announces that WordPress Studio is now available for Microsoft Windows. According to WordPress, Microsoft Windows users account for over 25% of WordPress developers. But it’s possible that non-developers … Read more

New WordPress Plugin Solves Site Navigation Problem

Joost de Valk, the creator of Yoast SEO plugin, has created a new (and free) plugin for solving a site architecture problem that can silently diminish a website’s ability to rank. Site Architecture Site architecture is an important SEO factor because a well-organized website with clear navigation helps users quickly get to the content and … Read more

WP Rocket WordPress Plugin Now Optimizes LCP Core Web Vitals Metric

WP Rocket, the WordPress page speed performance plugin, just announced the release of a new version that will help publishers optimize for Largest Contentful Paint (LCP), an important Core Web Vitals metric. Large Contentful Paint (LCP) LCP is a page speed metric that’s designed to show how fast it takes for a user to perceive … Read more

WordPress 6.5 Enhances SEO With ‘Lastmod’ Support

WordPress has rolled out an update with version 6.5, introducing native support for the lastmod element in sitemaps. This move streamlines search engine crawl efficiency, potentially enhancing website visibility. The announcement comes from Gary Illyes, a member of Google’s Search Relations team, who took to LinkedIn to commend the WordPress developer community for their efforts. … Read more

Top 15 Ways To Secure A WordPress Site

Thankfully, there are plenty of steps you can take to protect your WordPress website. Easy WordPress Security Basics When setting up your WordPress site security, there are some basic things you can do to beef up your protection. Below, we will take a look at some of the first things you should do to help … Read more

What To Know About Medium-Level WordPress Vulnerabilities

The majority of WordPress vulnerabilities, about 67% of them discovered in 2023, are rated as medium level. Because of they’re the most common, it makes sense to understand what they are and when they represent an actual security threat. These are the facts about those kinds of vulnerabilities what you should know about them. What … Read more

25 WordPress Alternatives Best For SEO

WordPress powers hundreds of millions of websites, but it is not the only content management system (CMS) option. There’s a diverse marketplace of publishing platforms for those seeking alternatives. This review provides an overview of 25 leading alternatives to WordPress across key website categories. We explore user-friendly website builders like Wix, Squarespace, and Weebly, which … Read more

WordPress on Your Desktop: Studio By WordPress & Other Free Tools

WordPress announced the rollout of Studio by WordPress, a new local development tool that makes it easy for publishers to not just develop and update websites locally on their desktop or laptop but is also useful for learning how to use WordPress. Learn about Studio and other platforms that are make it easy to develop … Read more

Google On Diagnosing A Deindexed WordPress Site

Google’s John Mueller answered a question about a WordPress site that was completely deindexed from Google Search after changing to a different web hosting platform. Mueller’s answer shows where to start investigating the reasons why that happens. Dropped From Index After A Site Migration A submitted question to the Google Office Hours podcast related that … Read more

25 WordPress Alternatives Best For SEO

WordPress powers hundreds of millions of websites, but it is not the only content management system (CMS) option. There’s a diverse marketplace of publishing platforms for those seeking alternatives. This review provides an overview of 25 leading alternatives to WordPress across key website categories. We explore user-friendly website builders like Wix, Squarespace, and Weebly, which … Read more

2024 WordPress Vulnerability Report Shows Errors Sites Keep Making

WordPress security scanner WPScan’s 2024 WordPress vulnerability report calls attention to WordPress vulnerability trends and suggests the kinds of things website publishers (and SEOs) should be looking out for. Some of the key findings from the report were that just over 20% of vulnerabilities were rated as high or critical level threats, with medium severity … Read more

WordPress Releases A Performance Plugin For “Near-Instant Load Times”

WordPress released an official plugin that adds support for a cutting edge technology called speculative loading that can help boost site performance and improve the user experience for site visitors. Speculative Loading Speculative loading is a technique that fetches pages or resources before a user clicks a link to navigate to another webpage. The official … Read more

WordPress Discovers XSS Vulnerability – Recommends Updating To 6.5.2

WordPress announced the 6.5.2 Maintenance and Security Release update that patches a store cross site scripting vulnerability and fixes over a dozen bugs in the core and the block editor. The same vulnerability affects both the WordPress core and the Gutenberg plugin. Cross Site Scripting (XSS) An XSS vulnerability was discovered in WordPress that could … Read more

We Know You Better!
Subscribe To Our Newsletter
Be the first to get latest updates and
exclusive content straight to your email inbox.
Yes, I want to receive updates
No Thanks!

Subscribe to our newsletter

Sign-up to get the latest marketing tips straight to your inbox.
SUBSCRIBE!
Give it a try, you can unsubscribe anytime.
Exit mobile version