Category: WordPress Security

WordPress Maintenance Company vs DIY – Are WordPress Maintenance Services Worth the Money?

TL;DR: Yes, hiring a WordPress maintenance company does make sense, just not for everybody.

WordPress maintenance is one of those topics that tend to divide people into two groups: some people stand behind such services wholeheartedly, while others get all “I can take care of own my site!” about it. (more…)

20 Simple Tricks to Secure Your WordPress Website in 2017

 This is a contribution by Ahmad Awais. 
I’ve seen many website owners nagging about the security of WordPress.

The opinion is that an open source script is vulnerable to all sorts of attacks. But that is mostly not true – sometimes it’s the other way around. Or, okay, let’s say that it’s partially true, but even then you shouldn’t blame WordPress. (more…)

[News] Ninja Forms Vulnerable – Issue Marked “Very High Risk”

As reported by the Wordfence guys, Ninja Forms – a popular form plugin (contact forms, subscription forms, etc.) – is suffering from a number of serious security vulnerabilities.

Put together, those vulnerabilities have been labeled “very high risk,” which in web-security-speak basically means this: (more…)

WooCommerce Suffering From a Dangerous Object Injection Vulnerability

This is somewhat of a breaking news.

In short: WordPress users have to face possible hacker attacks if they are dealing with the WooCommerce plugin.

Sucuri team just discovered a dangerous vulnerability during their routine audit for their web application firewall.

It seems that the vulnerability inside WooCommerce is Object Injection related and it could allow any hacker to download compromising files from the vulnerable server. The problem appears only if the “PayPal Identity Token” option is set. (more…)