mBlog.my Free Wordpress Hosting

It’s only been a week or so, and obviously there are at least three critical holes in WordPress plugins and tools that are being exploited in the wild right now to compromise loads of websites.

We’ll start with FishPig, a UK-based maker of software that integrates Adobe’s Magento ecommerce suite into WordPress-powered websites. FishPig’s distribution systems were compromised and its products altered so that installations of the code semi-automatically downloaded and ran the Rekoobe Linux trojan.

Infosec outfit Sansec raised the alarm this week that FishPig’s software was acting weird:…

An actively exploited zero-day vulnerability in WordPress plugin WPGateway has led to more than 4.6 million attempted attacks in the past month. The currently unpatched flaw is the second significant WordPress vulnerability to be found over the past week.

When exploited, this vulnerability, identified as CVE-2022-3180, is used to add malicious administrator users to sites running the plugin. Administrator privileges allow…

The WPGateway premium WordPress plugin has been exploited by malicious actors.

A vulnerability within the WPGateway premium WordPress plugin has been exploited by threat actors, as found and reported by security analysts from WordFence.

WPGateway Plugin Vulnerability Has Been Exploited

On September 13th, 2022, WordFence’s Threat Intelligence team reported in a blog post that a security vulnerability within the WPGateway premium plugin was exploited in the wild by malicious parties.

WPGateway can be used on WordPress sites to install and backup sites, as…

Possible contenders for understanding the dynamics could include, different patient demographics, or the fact that the solution on offer is easier to navigate in one…

Security firm WordFence has warned of an actively exploited vulnerability in a widely-used WordPress plugin that could leave websites totally exposed to hackers.

WPGateway is a paid plugin that gives WordPress users the ability to manage their website from a centralised dashboard. The flaw, designated CVE-2022-3180, allows for threat actors to add their own profile with administrator access to the dashboard, and completely take over a victim’s website.

WordFence, which provides a firewall service for WordPress websites, released a rule to block the exploit for paying customers on its…

Smishing has been identified as a new and sophisticated method of obtaining personal and financial information from victims by using fake forms on fraudulent websites. Smishing is a cyberattack tactic that combines SMS (short message service, usually known as text messages) and phishing.

A wave of VexTrio attacks using dictionary domain generation algorithm (DDGA) has infected numerous websites built on WordPress, which in turn infect visitors to those sites with malware or spyware by executing Javascript code.

Infoblox Inc., a leader in secure and cloud-managed…

The Wordfence Threat Intelligence team warned today that WordPress sites are actively targeted with exploits targeting a zero-day vulnerability in the WPGateway premium plugin.

WPGateway is a WordPress plugin that allows admins to simplify various tasks, including setting up and backing up sites and managing themes and plugins from a central dashboard.

This critical privilege escalation security flaw (CVE-2022-3180) enables unauthenticated attackers to add a rogue user with admin privileges to completely take over sites running the vulnerable WordPress plugin.

“On September 8, 2022, the…

Google Analytics is a free comprehensive tool that allows you to track your web traffic and data.

Google Analytics will show you how many people visit your site, individual pages, conversions, and how people interact with your content. This data is critical for the optimization of your website.

There are two types of Google Analytics code.

You may be accustomed to the Google Universal Analytics (UA) code. This is being sunsetted and replaced with Google Analytics 4 (GA4).

GA4 is much more customizable and applies to websites or apps, whereas Google UA can only be applied to…

These days, any business needs a website to help customers navigate their services and draw in new customers. But setting up and operating a website can be an expensive, time-consuming task — one that many entrepreneurs don’t have the patience or even ability to do. Nonetheless, when you start your small business, you need to find ways to get…

WordPress is a popular content management system that can help users create a gaming blog quickly and easily. WordPress is free to use, making it a great option for those who want to create a gaming blog on a budget. You can find the best WordPress hosts here if you are planning to start a gaming blog. WordPress is also easy to use, even for beginners. In this article, we will show you how to start a gaming blog using WordPress.

Before we get started, let’s take a look at some of the benefits of using WordPress to create your gaming blog.

WordPress is a popular content management system…