Millions of WordPress sites have been probed and attacked this week, Defiant, the company behind the Wordfence web firewall said on Friday.
The sudden spike in attacks happened after hackers discovered and started exploiting a zero-day vulnerability in “File Manager,” a popular WordPress plugin installed on more than 700,000 sites.
The zero-day was an unauthenticated file upload vulnerability[1, 2] that allowed an attacker to upload malicious files on a site running an older version of the File Manager plugin.
WordPress’ Support Team contributors are discussing how they can curb support requests for commercial products on the official WordPress.org forums. Users sometimes seek help for commercial product upgrades on the forums of the free version, not knowing that the moderators’ official policy is to refer them to the extension’s commercial support channel. In other instances, it is not immediately clear whether the issue is with the free version or a paid upgrade that the user has installed.
“This has come up a few times the past weeks, mostly in relation to plugins that…
On Wednesday, September 2, Gutenberg 8.9 launched with a set of new features, enhancements, and several bug fixes. The development team took the block-based widgets system out of its experimental stage, making it the default experience for all plugin users.
Block-based widgets have taken months upon months of work. The team has surpassed some of my expectations by essentially sticking a square peg into a square hole, granting the power of blocks to the sidebars/widgets system. On the whole, the system works. However, the team still has a lot of work to mold this feature into the…
So, you’re looking for a Content Management System (CMS) for your website? Well, you’re in luck because there are so many options to choose from. You’re probably thinking, how can I possibly choose which one to use when they’re all telling me why their CMS is the best choice? Begin by asking yourself the following questions:
What’s going to be the best option for my website?
Do I play the short game or do I look at the long term?
What about ease of use?
Will I be able to make changes myself or am I going to have to hire to get everything done?
Among its features, WordPress 5.5 now makes faster page loading possible thanks to a concept known as “lazy loading.” At the same time, the new version also helps the overall website SEO by including an improved XML sitemap that enables search engines to discover websites quicker. Also, with 5.5, users can now set…
On May 4, the StudioPress development team made a small but significant user-facing change to its Atomic Blocks plugin (now rebranded to Genesis Blocks). It removed the “AB” branding from its block titles. This minor update changed block titles such as AB Accordion and AB Button to Accordion and Button, respectively. On the surface, this change probably seemed of little consequence to the developers on the project. However, for at least one user, it created a massive workload.
Unless users religiously followed the GitHub code commits, they would have missed this update. Stacked…
So you want to build a website — maybe to show off your portfolio while job searching, to share information with wedding guests or to support your business (especially now that so many events have been postponed due to the coronavirus pandemic). Only problem is, you don’t know where to get started. Enter website building…
Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website.
Users of our WAF were never vulnerable to this exploit. The Sucuri firewall blocks malicious payloads by default using our generic exploitation rules.
Technical Details
The vulnerability originated from the remains of a development environment on version 6.4 nearly 4 months ago, where a file was renamed to test certain features. The…
WordPress is now fixing issues that broke millions of WordPress websites with the previous major update WordPress v5.5. Well, WordPress 5.5.1 update marks an important maintenance update that will put an end to annoying issues being faced by WordPress blogs and site owners.
WordPress 5.5.1 fixes millions of broken websites
Last month, WordPress released a major v5.5 update that was supposed to improve the CMS performance with certain fixes and enhancements. But somehow, it turned out to be quite the opposite and. As a result, many bloggers and site owners started reporting problems…
This may seem like common sense, but it bears remembering that the main purpose of search engine optimization (SEO) is to think like a search engine. As such, we do everything we can to ensure search engines can retrieve as much information from our websites as possible to earn a higher SERP (search engine result page) rank.
The Yoast SEO WordPress plugin (see image below) was created, according to Yoast’s Chief Product Officer, Joost de Valk, to “[make] it easy for your site to meet the highest technical SEO standards.” The new Yoast SEO 14.0 update, which was released at the end of…