Wordpress News

Optimizing Performance and Behavior with WordPress and the Sucuri WAF

Aside from providing significant protection from a wide range of threats, the Sucuri WAF also acts as a CDN due to its caching capabilities and regional PoPs — often performing even better than dedicated CDNs based on recent tests. CDNs can significantly help speed up your website by storing and delivering content as close to the browser as possible, using servers dedicated to that task. What’s more, properly configured caching settings are the best defense against DDoS attacks. Even the heaviest DDoS can be easily mitigated by leveraging good caching. With zero configuration, the… More Info

Read More »

WordPress security flaws: 800,000 sites running NextGen Gallery plugin potentially vulnerable to pwnage

Unpatched sites could get pwned – but admins must fall for social engineering Users of NextGEN Gallery, the image management plugin for WordPress, have been urged to update their websites after the discovery of serious cross-site request forgery (CSRF) vulnerabilities. The most serious of two flaws found by security researchers – each residing in separate functions – could lead to remote code execution (RCE) and stored cross-site scripting (XSS). As a result, attackers could take control of a website, inject it with spam links, or redirect… More Info

Read More »

96% off online class bundle (UK deal)

Products featured here are selected by our partners at StackCommerce.If you buy something through links on our site, Mashable may earn an affiliate commission. The Create Your Own Website with WordPress Master Class is on sale. Image: pexels By StackCommerceMashable Shopping2021-02-08 21:05:00 -0800 TL;DR: The Create Your Own Website with WordPress Master Class is on sale for £21.88 as of Feb. 9, saving you 96% on list price. The internet is full of opportunities — especially entrepreneurial ones. You just need to know how to seize them. With lots of time on… More Info

Read More »

Rough Pixels Releases Empt Lite, a Block-Supported Freemium WordPress Theme – WordPress Tavern

Single post view. Empt Lite, the latest theme by Rough Pixels, landed in the WordPress theme directory today. Like most of the company’s prior work, the design is on par with the best free themes currently available. I have come to disregard that icky feeling whenever I see “Lite” attached to a theme name, at least when it falls under the Rough Pixels brand. The company does not deal in the stripped-down lite themes I wrote about a couple of weeks ago. Empt Lite is one of those rare themes that does not downgrade the experience with the free version. Most additional… More Info

Read More »

Critical WordPress Plugin Flaw Allows Site Takeover – Threatpost

A patch in the NextGen Gallery WordPress plugin fixes critical and high-severity cross-site request forgery flaws. Researchers are urging WordPress websites that utilize the NextGen Gallery plugin to apply a patch addressing critical and high-severity flaws. The NextGen Gallery plugin, which is installed on 800,000 WordPress websites, allows sites to upload photos in batch quantities, import metadata and edit image thumbnails. Researchers discovered two cross-site request forgery… More Info

Read More »

Critical vulnerability fixed in WordPress plugin with 800K installs

The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks. NextGen Gallery, a WordPress plugin used for creating image galleries, currently has over 800,000 active installs, making this security update a top priority for all site owners that have it installed. Backdoor injection and site takeover The two NextGEN Gallery security vulnerabilities are rated as high and critical severity by Wordfence’s Threat Intelligence team who discovered them. Both of them are Cross-Site Request Forgery (CSRF) bugs which, in the… More Info

Read More »

Automattic’s WordPress VIP acquires Parse.ly to bring web content analytics to the enterprise

WordPress VIP (WPVIP), Automattic’s enterprise-focused content management platform, has acquired Parse.ly, an engagement analytics platform aimed at online publishers. Terms of the deal were not disclosed. While Automattic is perhaps better known as the parent company of WordPress.com, it also operates a host of third-party services including WPVIP, which is a managed hosting service for  enterprise and high-traffic websites. With WPVIP, which is an official Automattic subsidiary with some 150 employees and its own leadership and development teams, companies such as Salesforce,… More Info

Read More »

Best WordPress directory plugins of 2021

Best WordPress directory plugins Directories are highly useful to find new businesses or providers based on particular search criteria. Not only that, but directories can also be used by a company to provide an online listing of their employees, for instance.  There are a myriad ways to use online directories, and if your site is powered by the website builder and web hosting solution WordPress, then you can add a directory simply by installing a plugin. But which one should you use? That’s always the daunting question, so in order to make the selection process easier, we’ve looked at… More Info

Read More »

Best WordPress directory plugins of 2021

Best WordPress directory plugins Directories are highly useful to find new businesses or providers based on particular search criteria. Not only that, but directories can also be used by a company to provide an online listing of their employees, for instance.  There are a myriad ways to use online directories, and if your site is powered by the website builder and web hosting solution WordPress, then you can add a directory simply by installing a plugin. But which one should you use? That’s always the daunting question, so in order to make the selection process easier, we’ve looked at… More Info

Read More »