WordPress maintenance is one of those topics that tend to divide people into two groups: some people stand behind such services wholeheartedly, while others get all “I can take care of own my site!” about it. (more…)
The opinion is that an open source script is vulnerable to all sorts of attacks. But that is mostly not true – sometimes it’s the other way around. Or, okay, let’s say that it’s partially true, but even then you shouldn’t blame WordPress. (more…)
As reported by the Wordfence guys, Ninja Forms – a popular form plugin (contact forms, subscription forms, etc.) – is suffering from a number of serious security vulnerabilities.
Put together, those vulnerabilities have been labeled “very high risk,” which in web-security-speak basically means this: (more…)
This is somewhat of a breaking news.
In short: WordPress users have to face possible hacker attacks if they are dealing with the WooCommerce plugin.
Sucuri team just discovered a dangerous vulnerability during their routine audit for their web application firewall.
It seems that the vulnerability inside WooCommerce is Object Injection related and it could allow any hacker to download compromising files from the vulnerable server. The problem appears only if the “PayPal Identity Token” option is set. (more…)