Website Security News
View the latest security advisories for website owners to keep aware of. Learn how to protect your site in the changing landscape of security with the latest insights from our research and incident response teams. Stay aware of the latest vulnerabilities affecting websites and content management systems like WordPress, Joomla, Drupal, and Magento.
Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was released for the Elementor plugin patching a critical remote code vulnerability which allows all authenticated users, including subscribers, to upload…
Read More about Critical RCE Vulnerability in Elementor WordPress Plugin
On Sunday, February 13th, Adobe pushed an emergency update to their Magento2 ecommerce software patching a critical unauthenticated remote code execution vulnerability. It is marked as CVE-2022-24086 with a CVSS…
Read More about Adobe Patches Critical RCE Vulnerability in Magento2
Security researchers at Automattic recently reported that the popular WordPress plugin and theme authors AccessPress were compromised and their software replaced with backdoored versions. The compromise appears to have taken…
Read More about AccessPress Themes Hit With Targeted Supply Chain Attack
On January 6th, an important security update was released for the WordPress core addresses four separate vulnerabilities. WordPress website administrators are advised to update their websites immediately. All WordPress versions…
A critical server security vulnerability in the Java logging library Log4j is taking the internet by storm because code to actively exploit this vulnerability is already widely distributed across the…
Read More about Log4j Vulnerability: The Perfect Holiday Present that Nobody Wants
Adobe has recently released several critical security patches for both their open source and commercial versions of their ecommerce platform. There are a total of 18 security vulnerabilities patched according…
Read More about Adobe Patches Critical Magento Vulnerabilities in Recent Update
Today is World Backup Day. This date was created to remind people of the importance of having backups set up for everything that matters. I am pretty sure your website falls into the category of precious digital…
The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28. An attacker was able to modify the PHP source code twice and inject a backdoor into it. Thankfully,…
As much as the web has grown, surprisingly not a lot has changed in how websites get hacked. The most important thing you can do in keeping the web –…
Realtime Blackhole Lists (RBLs) can be a great tool in your security arsenal. You may not know you’re using them, but all email providers and company email servers leverage these…
Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of restrictions in critical functions and…
