Security Advisory Archives

June Vulnerability and Patch Roundup Post

WordPress Vulnerabilities & Patch Roundup — June 2022

Antony Garand
June 30, 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…

Read the Post

Critical RCE Vulnerability in Elementor WordPress Plugin

Antony Garand
April 13, 2022

Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 Vulnerability: Remote code execution (RCE) Patched Version: 3.6.3 On April 12th, an important security update was…

Read the Post

Adobe Patches Critical RCE Vulnerability in Magento2

Ben Martin
February 16, 2022

On Sunday, February 13th, Adobe pushed an emergency update to their Magento2 ecommerce software patching a critical unauthenticated remote code execution vulnerability. It is marked…

Read the Post

AccessPress Themes Hit With Targeted Supply Chain Attack

Ben Martin
January 20, 2022

Security researchers at Automattic recently reported that the popular WordPress plugin and theme authors AccessPress were compromised and their software replaced with backdoored versions. The…

Read the Post

WordPress 5.8.3 Security Release

Ben Martin
January 7, 2022

On January 6th, an important security update was released for the WordPress core addresses four separate vulnerabilities. WordPress website administrators are advised to update their…

Read the Post

What is the Log4j Vulnerability?

Ben Martin
December 14, 2021

Editorial: This post was last updated October 17th, 2022. What is the Log4j vulnerability? Originally found on the popular game Minecraft, this critical server security…

Read the Post

Adobe Patches Critical Magento Vulnerabilities in Recent Update

Ben Martin
August 13, 2021

Adobe has recently released several critical security patches for both their open source and commercial versions of their ecommerce platform. There are a total of…

Read the Post

The Importance of Website Backups

Juliana Lewis
March 31, 2021

Today is World Backup Day. This date was created to remind people of the importance of having backups set up for everything that matters. I am pretty sure your website falls into…

Read the Post

PHP Repository Exploited by Hackers

Antony Garand
March 29, 2021

The official PHP git repository, http://git.php.net/, was compromised this Sunday, March 28. An attacker was able to modify the PHP source code twice and inject…

Read the Post

How Do Websites Get Hacked?

Mike Martens
March 25, 2021

As much as the web has grown, surprisingly not a lot has changed in how websites get hacked. The most important thing you can do…

Read the Post

UCEPROTECT Scam: When RBLs Go Bad

Marc Kranat
February 12, 2021

What is a Realtime Blackhole List (RBL)? A Realtime Blackhole List (RBL) contains lists of email servers, domain names, and IP addresses that are associated…

Read the Post