How to Harden WordPress With WP-Config & Avoid Data Exposure
Luke Leal What is wp-config.php? The wp-config.php file is a powerful core WordPress file that is vital for running your website. It contains important configuration settings for…
Browsing Category
WordPress Security
674 posts
WordPress Vulnerability & Patch Roundup June 2023
Cesar Anjos Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions
Ben Martin Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…
New WooCommerce Security Best Practices Guide
Rianna MacLeod WooCommerce is a widely used e-commerce platform, powering nearly 6 million online stores worldwide. Its popularity makes it a prime target for cybercriminals looking to…
How to Generate WordPress Salts & Security Keys: Step by Step Instructions
Kaushal Bhavsar In the realm of WordPress security, there’s a powerful tag team working tirelessly behind the scenes to safeguard your website’s login process. Meet salts and…
How to Update, Install & Remove WordPress Plugins & Themes With WP-CLI
WordPress, like other open-source content management systems, allows you to enhance your website’s appearance and functionality through custom code and third-party components like plugins and…
WordPress Vulnerability & Patch Roundup May 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Vulnerability in Essential Addons for Elementor Leads to Mass Infection
On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…
WordPress 6.2.1 Security & Maintenance Release
On May 16, 2023, the WordPress core team released a crucial update — WordPress 6.2.1. This latest security and maintenance release addresses a number of…
Xjquery Wave of WordPress SocGholish Injections
Denis Sinegubko In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…
What is XML-RPC? Security Risks & How to Disable
XML-RPC is a protocol designed for WordPress to standardize communication between different systems, allowing external applications (such as other blogging platforms and desktop clients) to…