Critical Security Flaw in WordPress Plugin Allows RCE – Threatpost

WordPress plugin Comments – wpDiscuz, which is installed on over 70,000 sites, has issued a patch.

Researchers are warning of a critical vulnerability in a WordPress plugin called Comments – wpDiscuz, which is installed on more than 70,000 websites. The flaw gives unauthenticated attackers the ability to upload arbitrary files (including PHP files) and ultimately execute remote code on vulnerable website servers.

Comments – wpDiscuz enables WordPress websites to add custom comment forms and fields to sites, and serves as an alternative to services like Disqus. Researchers with…


More Info

Bing URL Submissions Plugin Experiencing Issues

There are currently a “large number of failures” associated with Bing’s new URL submissions plugin for WordPress, according to the company’s outreach team.

Emails are being sent out to site owners who have installed the plugin to notify them of these issues.

The email reads:

“I am contacting you from the Microsoft Corporation and its Internet search engine Bing in regards to our URL submissions WordPress plugin.

Our systems have alerted us that while you have installed the plugin, there seems to be a large number of failures in submission of URLs to our index, resulting in customers…


More Info

Bing URL Submission WordPress Plugin Outreach After Indexing Issues

Microsoft Bing is sending emails to some site owners after installing the new URL submission WordPress plugin. The email is to let these site owners know of a “large number of failures in submission of URLs” to the Bing index. This is leading to searchers “not seeing your domain on priority in the index.” This does not sound great but it seems Bing is on top of it.

Microsoft is offering to “help and debug any problems” that they are running into ” so as to allow our search engine to index your content and provide additional relevant traffic to your site,” Bing said.

Here is a screen…


More Info

WordPress plugin vulnerability exposes 80,000 sites to remote takeover


Jessica Haworth

29 July 2020 at 11:19 UTC

Updated: 29 July 2020 at 11:20 UTC

Critical bug in wpDiscuz add-on has now been patched

A critical vulnerability in a WordPress plugin with more than 80,000 active installations allowed unauthenticated attackers to take full control of a target website.

The security flaw, present in wpDiscuz comment plugin, enabled attackers to upload arbitrary files in order to achieve remote code execution (RCE) on a vulnerable site’s backend server.

The wpDiscuz…


More Info

Critical WordPress plugin bug lets hackers take over hosting account

Hackers can exploit a maximum severity vulnerability in the wpDiscuz plugin installed on over 70,000 WordPress sites to execute code remotely after uploading arbitrary files on servers hosting vulnerable sites.

wpDiscuz is a WordPress plugin marketed as an alternative to Disqus and Jetpack Comments that provides an Ajax real-time comment system that will store comments within a local database.

The plugin comes with support for multiple comment layouts, inline commenting and feedback, as well as a post rating system and multi-level (nested) comment threads.

Arbitrary file upload bug…


More Info

Meet Red Plum, a Platform That Makes Building WordPress Sites Easier » Dallas Innovates

To Andrea Malone, learning how to navigate open-source content management system WordPress is necessary to successfully building a brand. But launching a website can be difficult (and time-consuming) for businesses without the budget or in-house knowledge to do so.

Last year, Malone set out to make WordPress easy for designers and marketers so they can get back to making clients and customers happy. She founded Red Plum WP Builder, a B2B startup that removes all non-billable website-related tasks and barriers to having an attractive site.

“Designers,…


More Info

Gutenberg 8.6 Adds Cover Block Video Positioning and Updates Block Patterns – WordPress Tavern

Gutenberg 8.6 landed quietly last week. Much of the focus right now is ironing out the remaining bugs for WordPress 5.5 during its beta cycle. However, that does not mean the Gutenberg project has come to a complete halt in terms of new features. The team is marching forward with extra goodies for those who use the plugin.

The latest update of the plugin did not cover as much ground as normal, but it does include an enhancement for the Cover block when using a video background and several updates to block patterns.

The primary focus for version 8.6 was squashing bugs. The…


More Info

What is alt text in WordPress? How to add the accessibility feature

  • Alt text in WordPress is a description you can add to images in web pages to assist blind and visually impaired people using a screen reader. 
  • You can add alt text to your pictures when you upload them in WordPress through the alt text field in the Attachment Details pane of the media page. 
  • You can also edit alt text when you insert an image in a WordPress post.
  • Alt text in WordPress works best when you follow best practices, including describing your content accurately and using no more than 100 characters. 
  • Visit Business Insider’s Tech Reference library for more…

More Info

A Focus On Teaching Non-technical Beginners About WordPress

MalCare recently got a chance to speak with Alice Elliott, an award winning blogger and digital marketer whose blog Fairy Blog Mother provides simple, jargon-free, highly visual WordPress training for beginner bloggers. Let’s jump into the interview below.

The Interview

Hi Alice, and thank you for taking the time to chat with our WordPress blog audience today. You have been blogging for more than ten years now and you’re well known in the WordPress space as a leader who helps non-technical people learn how to effectively use WordPress as a blogging platform. Why don’t you kick…


More Info

How to Hide WordPress Admin Bar?

Has the ever-present WordPress Admin Bar got you pulling your hair? 

GIF showing annoyance

Wondering how to get rid of it? 

Well, you’re in luck! 

You see, we recently had to hide WordPress Admin Bar. We tried and tested nearly 20 different ways to do this! 

In this article, we’re going to explore the ones that simply…. work.

Pro tip: To know the step-by-step process to hide the WordPress Admin Bar, skip to this section below

What is the WordPress Admin Bar? 

The Admin Bar is like your website’s very own WordPress speed-dial! 

Let me explain.

The Admin Bar is a 32px long toolbar that is displayed at…


More Info