mBlog.my Free Wordpress Hosting

Once again, a critical security flaw in a WordPress plugin posed a threat to thousands of websites. This time, the researchers discovered the vulnerability in the wpDiscuz WordPress plugin.

wpDiscuz WordPress Plugin Vulnerability

Researchers from Wordfence have come up with one more report about a vulnerable plugin. As described in their recent blog post, they caught a critical vulnerability in the wpDiscuz WordPress plugin. Exploiting this bug could let an attacker achieve various dangerous privileges on the target server, including remote code execution and arbitrary file upload.

The…

I am always on the lookout for interesting syntax-highlighting plugins, particularly for those occasions when I write tutorials or other articles that lean heavily on code. Far too many plugins use shortcodes, custom blocks, or other odd solutions. However, there is one option that I intentionally overlooked when it was released over a year ago: Code Syntax Block by Marcus Kazmierczak.

Based on the name, I assumed it was yet another standalone block. However, I have since given it another look and realized that this was note the case. It integrates directly with the core WordPress…

MalCare, your favorite WordPress security plugin, recently had the opportunity to sit down with Ben Gillbanks, a veteran WordPress developer about his work in the WordPress community. In the interview below we get to speak with Ben about his past work and how the shifting WordPress landscape is forcing him to think about creative ways to stay relevant. The interview below is exciting and in-depth. So let’s jump in!

The Interview

Hi Ben! First off, I’d like to thank you for taking the time to chat with our readers today. You’ve been in the WordPress space for 13 years now, so why…

Bing has launched its first official plugin for WordPress aimed at helping site owners get their content indexed immediately. Instead of waiting for a bingbot to crawl the site, the plugin notifies Bing of any new or updated content automatically using its Submit URL API.

“Bing believes that the future for search engines is less about crawling to discover content and more about sharing new and updated content across the web, a fundamental shift in the way that search engines handle web sites,” Bing Product Manager Fabrice Canel said. “Instead of monitoring RSS, sitemaps and…

WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch.

Researchers are warning of a critical vulnerability in a WordPress plugin called Comments – wpDiscuz, which is installed on more than 70,000 websites. The flaw gives unauthenticated attackers the ability to upload arbitrary files (including PHP files) and ultimately execute remote code on vulnerable website servers.

Comments – wpDiscuz enables WordPress websites to add custom comment forms and fields to sites, and serves as an alternative to services like Disqus. Researchers with…

There are currently a “large number of failures” associated with Bing’s new URL submissions plugin for WordPress, according to the company’s outreach team.

Emails are being sent out to site owners who have installed the plugin to notify them of these issues.

The email reads:

“I am contacting you from the Microsoft Corporation and its Internet search engine Bing in regards to our URL submissions WordPress plugin.

Our systems have alerted us that while you have installed the plugin, there seems to be a large number of failures in submission of URLs to our index, resulting in customers…

Microsoft Bing is sending emails to some site owners after installing the new URL submission WordPress plugin. The email is to let these site owners know of a “large number of failures in submission of URLs” to the Bing index. This is leading to searchers “not seeing your domain on priority in the index.” This does not sound great but it seems Bing is on top of it.

Microsoft is offering to “help and debug any problems” that they are running into ” so as to allow our search engine to index your content and provide additional relevant traffic to your site,” Bing said.

Here is a screen…

29 July 2020 at 11:19 UTC

Updated: 29 July 2020 at 11:20 UTC

Critical bug in wpDiscuz add-on has now been patched

A critical vulnerability in a WordPress plugin with more than 80,000 active installations allowed unauthenticated attackers to take full control of a target website.

The security flaw, present in wpDiscuz comment plugin, enabled attackers to upload arbitrary files in order to achieve remote code execution (RCE) on a vulnerable site’s backend server.

The wpDiscuz…

Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting vulnerable sites.

wpDiscuz is a WordPress plugin marketed as an alternative to Disqus and Jetpack Comments that provides an Ajax real-time comment system that will store comments within a local database.

The plugin comes with support for multiple comment layouts, inline commenting and feedback, as well as a post rating system and multi-level (nested) comment threads.

Arbitrary file upload bug…

[Illustration: Courtesy RedPlum]

To Andrea Malone, learning how to navigate open-source content management system WordPress is necessary to successfully building a brand. But launching a website can be difficult (and time-consuming) for businesses without the budget or in-house knowledge to do so.

Last year, Malone set out to make WordPress easy for designers and marketers so they can get back to making clients and customers happy. She founded Red Plum WP Builder, a B2B startup that removes all non-billable website-related tasks and barriers to having an attractive site.

“Designers,…