WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover – Threatpost

Severe CSRF to XSS bugs open the door to code execution and complete website compromise.

Page Builder by SiteOrigin, a WordPress plugin with a million active installs that’s used to build websites via a drag-and-drop function, harbors two flaws that can allow full site takeover.

According to researchers at WordPress, both security bugs can lead to cross-site request forgery (CSRF) and reflected cross-site scripting (XSS). They “allow attackers to forge requests on behalf of a site administrator and execute malicious code in the administrator’s browser,” according to Wordfence…


More Info

Apache 101: 0-WordPress in 15 minutes

Enlarge / Hellfire missiles not included.


Recently, we took a look at the Caddy Web server. Today, we’re going to back things up a little bit and look at the A from the classic LAMP stack: the Apache Web server.

Apache has a bad reputation for being old, crusty, and low-performance—but this idea mostly stems from the persistence of ancient guides that still show users how to set it up in extremely antiquated ways. In this guide, we’re going to set up an Ubuntu 20.04 droplet at Digital Ocean with an Apache Web server set up properly and…


More Info

Data443 Releases New CCPA Framework Plugin for WordPress

Data443 Releases New CCPA Framework Plugin for WordPress

More Info

WordPress security: More than one million sites exposed through Page Builder plugin vulnerabilities


James Walker

12 May 2020 at 10:44 UTC

Updated: 12 May 2020 at 10:49 UTC

Developers issue patch just 24 hours after disclosure

WordPress administrators whose sites use the Page Builder plugin have been urged to update to the latest version (2.10.16) following the recent discovery of two security vulnerabilities.

Earlier this month, the Wordfence Threat Intelligence team discovered two security flaws in Page Builder, a responsive page creation plugin with more than one million active…


More Info

How to Increase Google Adsense Earnings on WordPress – Affordable SEO Services

If you have been blogging for a while than you are probably familiar with Google Adsense, but is WordPress an effective platform to make money with Adsense? I will be touching this topic and answer the question below.

The reason I am writing about Adsense on WordPress, is because I was reading how much trouble bloggers have to make a decent income by only using Google Adsense on their blog. Monetizing your blog and making a full-time income is not easy, but it can be done!

A Niche Website is a MUST if you want to make Money with Adsense

When planning on making money with…


More Info

WordPress Accessibility Team to Host 24-Hour Online Event October 2, 2020 – WordPress Tavern

The WordPress Accessibility Team is organizing a new online event called WP Accessibility Day that will take place on October 2, 2020. The event will feature 24 hours of educational sessions that focus on the intersection between WordPress and web accessibility.

Inspired by the Polyglots’ Global Translation Day, which greatly expanded the team’s base of contributors and fueled a record number of translations, the Accessibility Team aims to raise awareness about its work. Organizers will be featuring a variety of topics, including theme and plugin accessibility,…


More Info

Simple Photoblogging with the Instapress WordPress Theme – WordPress Tavern

It is not often that I come across a free WordPress theme that instantly impresses me. Far too often, I spend half an hour or more just getting to know a theme, checking its options, and figuring out how long it will take to recreate something that looks remotely like the demo. However, every now and then I come across one of those diamonds in the rough that makes me a taker a deeper look.

Instapress is one of those themes. It is yet another reason I am in favor of a curated featured themes list. These types of unique themes tend to get lost in the crowd, and without the backing of…


More Info

WordPress plugin bugs can let hackers take over almost 1M sites

Two high severity vulnerabilities found in the Page Builder WordPress plugin installed on more than 1,000,000 sites can let hackers create new admin accounts, plant backdoors, and ultimately take over the compromised websites.

The vulnerabilities are a Cross-Site Request Forgery (CSRF) leading to Reflected Cross-Site Scripting (XSS) attacks and they affect all Page Builder versions up to and including 2.10.15.

Attackers can exploit these security flaws by tricking WordPress site administrator into clicking specially crafted links or attachments and execute malicious code in…


More Info

3 of the Best Google Analytics WordPress Plugins

Anybody who is serious about improving their traffic, conversion rates, and overall web strategy performance knows that few things matter more than cold, hard data.

After all, data is power.

Data doesn’t lie to you.

Data gives you the cold, hard facts.

And Google Analytics is revered by many as the bottom line, the final say when it comes to the data that matters.

If used properly, the data that Google Analytics provides can help you craft better web strategies for your WordPress site and your audience.

This is why Google Analytics plugins are enjoying so much popularity with WordPress…


More Info

Why You Should NOT Use Nulled WordPress Themes And Plugins

Do you want to use a nulled WordPress theme or plugin on your WordPress site? Are you looking for a way to use such pirated software and keep your website safe at the same time?

We understand how tempting it is to use nulled software as it gives you access to premium features for free. But the reality of it is that installing nulled WordPress themes and plugins on your WordPress site is extremely risky as most of them are riddled with malware.

The malware will infect your site and allow hackers to break in. Hackers will cause severe damage to your website by displaying unwanted ads, sending…


More Info