Security – Internet, WordPress, and otherwise

CarSpot < 2.2.1 – Multiple Vulnerabilities

Description: Multiple vulnerabilities were discovered in the «CarSpot – Dealership Wordpress Classified Theme», tested version — v2.2.0:
- Authenticated Persistent XSS -> Registration Form/User Profile
- Authenticated Persistent XSS -> Ad Post
- IDOR leading to...

6 key tips for evaluating WordPress activity log plugins

A WordPress activity log is a must-have tool in every website’s security suite. However, determining which plugin is best for incorporating this feature can be tricky, given the large volume of available tools. In order to make an informed decision, there are a few...

Chained Quiz < 1.1.8.2 – Reflected XSS

Description: WordPress Plugin Chained Quiz before 1.1.8.2 suffers from a Reflected XSS vulnerability in the 'total_questions' POST parameter when a user completes a quiz. The code in question accepts the 'total_questions' parameter without escaping the special...

OWASP Top 10 Security Risks and Vulnerabilities

Are you worried about the security of your WordPress plugin or theme? Are you sure they are safe to use? You should watch for these top 10 OWASP risks. You’re right to worry about whether your software is secure. As much as developers would like to create airtight...

Privilege Escalation: What is it and Why is it so Important?

Do you have multiple users on your WordPress website? Did you know hackers can exploit user accounts to take full control of your website? They can do this by taking advantage of what is known as a privilege escalation vulnerability. These vulnerabilities appear in...

ListingPro < 2.5.4 – Unauthenticated Reflected XSS

Description: Reflected XSS was discovered in the «ListingPro - WordPress Directory Theme», tested version — v2.5.3

Edit - WPScanTeam:
- January 13th, 2020 - Report Received & Envato Contacted
- January 13th, 2020 - Envato Investigating
- January 15th, 2020 - Theme...

How to Disable XML-RPC for Better WordPress Security

We’ve come a long way since WordPress was first launched. Back in the day, the feature called XML-RPC was extremely useful. In a time with slow internet speed and constant lags, it was difficult to write content online in real-time, like we do now. The XML-RPC function...

Real Estate 7 < 2.9.5 – Multiple Vulnerabilities

Description: Multiple vulnerabilities were discovered in the «Real Estate 7 WordPress», tested version — v2.9.4:
- Unauthenticated Reflected XSS
- Authenticated Persistent XSS
- Authenticated Persistent Self-XSS
- IDOR
- Information Exposure

Edit (WPScanTeam): January...

EasyBook < 1.2.2 – Multiple Vulnerabilities

Description: Multiple vulnerabilities were discovered in the «EasyBook – Directory & Listing WordPress Theme», tested version — v1.2.1:
- Unauthenticated Reflected XSS
- Authenticated Persistent XSS
- IDOR

- December 27th, 2019 - Envato Contacted
- January 6th, 2020 -...
