Bricks Builder For WordPress RCE Vulnerability

Bricks Builder For WordPress RCE Vulnerability

Bricks Visual Site Builder for WordPress recently patched a critical severity vulnerability rated 9.8/10 which is actively being exploited right now. Bricks Builder Bricks Builder is a popular WordPress development theme that makes it easy to create attractive and fast performing websites in hours that would costs up to $20,000 of development time to do … Read more

WordPress User Survey Indicates Rising Frustration

WordPress released the results of their annual user and developer survey which showed mixed feelings about the direction the software is going and an increasing sense of not being welcome in the overall WordPress community. The Gutenberg Editor Gutenberg is the modernized version of the the default site editor which brings the paradigm of a … Read more

WordPress Backup Plugin DoS Vulnerability Affects +200,000 Sites

A popular WordPress backup plugin installed in over 200,000 websites recently patched a high severity vulnerability that could lead to a denial of service attack. Wordfence assigned a CVSS severity level rating of High, with a score of 7.5/10, indicating that plugin users should take note and update their plugin. Backuply Plugin The vulnerability affects the … Read more

The 15 Best WordPress Email Plugins in 2024

If you’re on the lookout to enhance your business blog with an email newsletter, using a WordPress email plugin is indispensable. These plugins not only simplify content distribution but also offer insights into your target audience’s preferences, enabling you to optimize your content strategy effectively. Discover the 15 best WordPress email plugins on the market … Read more

WordPress Website Builder Vulnerability Affects Nearly 1 Million Websites

A significant vulnerability has been patched in the Website Builder by SeedProd that has over 900,000 installations. This vulnerability, present in versions up to and including 6.15.21, poses a risk for unauthorized data modification on WordPress sites. Vulnerability Details: Missing Capability Check The vulnerability that was discovered is called a missing capability check within the … Read more

WordPress 6.4.3 Security Release Fixes Two Vulnerabilities

WordPress announced a security release version 6.4.3 as a response to two vulnerabilities discovered in WordPress plus 21 bug fixes. PHP File Upload Bypass The first patch is for a PHP File Upload Bypass Via Plugin Installer vulnerability. It’s a flaw in WordPress that allows an attacker to upload PHP files via the plugin and … Read more

Better Search Replace WordPress Vulnerability Affects Up To +1 Million Sites

A critical severity vulnerability was discovered and patched in the Better Search Replace plugin for WordPress which has over 1 million active website installs. Successful attacks could lead to arbitrary file deletions, sensitive data retrieval and code execution. Severity Level Of Vulnerability The severity of vulnerabilities are scored on a point system with ratings described … Read more

WordPress File Manager Plugin Vulnerability Affects +1 Million Websites

A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 in severity and could potentially allow unauthenticated attackers to gain access to sensitive information including data contained in site backups. Unauthenticated Attack Vulnerabilities What … Read more

15 Best WordPress Survey Plugins in 2023 (Hands-On)

On the hunt for the best WordPress survey plugin? Whether you’re looking to improve the user experience on your website, increase your customer satisfaction, or simply learn more about your visitors, embedding a survey on your website is the fastest way to get the feedback you need. To help you find the best WordPress survey … Read more

Complianz WordPress GDPR Compliance Plugin Vulnerability

A popular WordPress plugin for privacy compliance with over 800,000 installations recently patched a stored XSS vulnerability that could allow an attacker to upload malicious scripts for launching attacks against site visitors. Complianz | GDPR/CCPA Cookie Consent WordPress Plugin The Complianz plugin for WordPress is a powerful tool that helps website owners comply with privacy … Read more

WordPress Migration Guides Undermining Divi, Elementor And Wix?

WordPress is creating guides and tools to help publishers migrate to their block based editor Gutenberg and away from commercial WordPress page builders and private closed source content management systems like Wix. While it’s understandable that WordPress might want to help publishers and businesses migrate away from Wix, some perceive it as a somewhat controversial … Read more

WordPress Shares Core Web Vitals In 2023 And Impact On Web

In 2023, the WordPress community witnessed a significant milestone in website performance, with Core Web Vitals (CWV) showing significant improvements for both mobile and desktop users. This article delves into the specifics of these improvements, exploring their implications and the evolving landscape of web performance within the WordPress ecosystem. What Are Core Web Vitals? Core … Read more

WordPress Starter Templates AI – Build A Site In 60 Seconds

Astra Starter Templates by Brainstorm Force, with over one million active installations, announced the integration of the ZipWP AI website builder that enables users to create entire websites, including content and images. With over 280 customizable website templates that helps users quickly create professional-looking websites, it’s one of the most popular templates in the world … Read more

WordPress Releases Version 6.4.2 For Critical Vulnerability

WordPress has released version 6.4.2 that contains a patch for a critical severity vulnerability that could allow attackers to execute PHP code on the site and potentially lead to a full site takeover. The vulnerability was traced back to a feature introduced in WordPress 6.4 that was meant to improve HTML parsing in the block … Read more

Critical WordPress Form Plugin Vulnerability Affects Up To +200,000 Installs

Security researchers at Wordfence detailed a critical security flaw in the MW WP Form plugin, affecting versions 5.0.1 and earlier. The vulnerability allows unauthenticated threat actors to exploit the plugin by uploading arbitrary files, including potentially malicious PHP backdoors, with the ability to execute these files on the server. MW WP Form Plugin The MW … Read more

WordPress AMP Plugin Vulnerability Affects Up To 100,000+ Sites

Accelerated Mobile Pages WordPress plugin, with over 100,000 installations, patched a medium severity vulnerability that could allow an attacker to inject malicious scripts to be executed by website visitors. Cross-Site Scripting Via Shortcode A cross-site scripting (XSS) is one of the most frequent kind of vulnerability. In the context of WordPress plugins, XSS vulnerabilities happen … Read more

WordPress 6.4.1 Maintenance Release Fixes Bugs In Version 6.4

WordPress released a maintenance release on Wednesday evening to fix problems discovered shortly after WordPress 6.4 was released to the public on Tuesday November 7th. Two of issues were somewhat serious in that they affected the operation of certain plugins and could cause issues for sites encountering either of the two problems. The third one … Read more

WordPress 6.4 Crashing Sites Using A Popular Page Builder

Many publishers and developers have been reporting that updating to WordPress 6.4 triggered a fatal error, bringing their websites down. A search for solutions began and within hours developers discovered a bug in the page builder they all used. Sites Crashing After Updating To 6.4 One of the first reports happened not long after WordPress … Read more

We Know You Better!
Subscribe To Our Newsletter
Be the first to get latest updates and
exclusive content straight to your email inbox.
Yes, I want to receive updates
No Thanks!

Subscribe to our newsletter

Sign-up to get the latest marketing tips straight to your inbox.
Give it a try, you can unsubscribe anytime.
Exit mobile version