WordPress security: More than 600,000 sites hit by blind SQLi vulnerability in WP Statistics plugin

Sensitive database data at risk if webmasters fail to update systems

WP Statistics, a popular web analytics plugin for WordPress, contained a time-based blind SQL injection vulnerability that, if exploited, could result in sensitive information being exfiltrated from a site’s database.

Webmasters of WordPress sites running the open source plugin, which number more than 600,000, have been urged to update their systems as soon as possible.

The nature of the high severity (CVSS score 7.5) pre-authenticated vulnerability (CVE-2021-24340) means…


More Info

WordPress Work Wonders for Small Businesses! 5 Reasons to Prove It

Do you remember the times when even for the small changes in a website, a business owner needed a developer? However, the time has changed now. WordPress for small businesses proves to be a blessing for product owners. With its introduction, content management and site optimization become pretty easy.

Although started as a blogging tool, WordPress is now better known as a Content Management System (CMS). It is widely popular for developing interactive websites. This blog will describe to you the primary reasons why it is…


More Info

WordPress to drop Support for Internet Explorer

If you are among those using Internet Explorer 11 (IE11), there’s news for you. After Microsoft Teams and Microsoft 365 apps and services, WordPress has finally decided to end the support for Internet Explorer 11 coming July.

WordPress dropping IE11 support

WordPress’s official blog today announced that “When WordPress 5.8 is released in July of this year, Internet Explorer 11 will no longer be supported”.

WordPress dashboard for the past 17+ months has been issuing a warning that IE11 is an outdated browser. So, if you are still a user, it is recommended to switch to a modern web…


More Info

7 Local SEO Best Practices for WordPress Websites

WordPress is one of the most flexible open source Content Management Systems (CMS) in the world.

Its rich functionality, low barrier to entry, and unbeatable price tag (it doesn’t get better than free, does it?) have all led to its meteoric rise as the web’s most popular CMS.

So it’s no surprise that WordPress has been downloaded more than 32.6 million times or that it powers 40% of all websites.

WordPress is also SEO-friendly, to the point where even non-techies can easily implement some simple optimization techniques. This is great news for small local businesses which may not have…


More Info

ProfilePress Rebrands and Repurposes WP User Avatar, Now a Membership Plugin, Users Revolt via the WordPress Review System – WordPress Tavern

Less than two weeks after publishing about the broken user experience of the former Dark Mode plugin being renamed and repurposed, another plugin development company decided to do the same. The consensus seems to be that this is a bad idea. However, the ProfilePress Team renamed and repurposed the WP User Avatar plugin.

Instead of a simple, single-purpose custom avatar solution, it is a full-fledged user registration, profile, login, and membership management plugin.

It is now called ProfilePress. But, let’s call it ProfilePress Lite because there is a commercial component…


More Info

WordPress email deliverability and how to improve it

Email is arguably the most common electronic communication medium on Earth. It’s used for everything, from communication to alert notifications, to password reset flows and email-based Two-factor Authentication (2FA).

As a website owner sending email from your WordPress site, there are a few issues you’ll likely encounter. If you simply try and install a plugin to send emails on your website’s behalf, your email will almost certainly end up in the junk/spam folder, assuming the mail server even allows it through in the first place. What’s more, while PHP has a built-in mail()


More Info

WordPress Evangelist Robert Jacobi Joins Cloudways Executive Team

CHICAGO–()–Cloudways (www.cloudways.com), a cloud hosting provider focused on simplicity and productivity, is announcing that Robert Jacobi is joining its executive team. He brings his vast experience across the world of web hosting to join the company as Director of WordPress. Robert has led several successful ventures in the open-source and hosting industry and is an internationally recognized leader among web professionals.

Cloudways is a multi-cloud managed application as a service platform that lets users choose where they want their website to be hosted…


More Info

WordPress Evangelist Robert Jacobi Joins Cloudways Executive Team

Cloudways, the intuitive cloud hosting platform, announces the newest addition to its executive team – Industry veteran, Robert Jacobi, who has decades of developer-focused management experience with Fortune 500 companies

Cloudways (www.cloudways.com), a cloud hosting provider focused on simplicity and productivity, is announcing that Robert Jacobi is joining its executive team. He brings his vast experience across the world of web hosting to join the company as Director of WordPress. Robert has led several successful ventures in the open-source and hosting industry and is an…


More Info

Object Injection Vulnerability Affects WordPress Versions 3.7 to 5.7.1

If you haven’t updated your WordPress website since October 2013, this wouldn’t affect you, but we strongly hope that is not the case! There’s a new object injection vulnerability which affects WordPress versions 3.7 to 5.7.1. Be sure to get updated to 5.7.2 as soon as possible!

According to WPScan, the new object injection vulnerability is due to versions of PHPMailer library between 6.1.8 and 6.4.0. The original CVE can be found here.

As per the Open Web Application Security Project:

PHP Object Injection is an application level vulnerability that could allow an…


More Info

Anariel Design Launches Naledi, a Block-Based WordPress Theme – WordPress Tavern

Naledi theme homepage.

Over the weekend, Anariel Design co-founder Ana Segota tweeted that she was nearly ready to submit the company’s first block theme into the WordPress directory. There are only five such experimental themes available for download in the repo right now, and I have been patiently awaiting more.

The Naledi theme is in the review queue, but those who want to give it a spin can grab a copy of the ZIP file from its ticket. Or, just peruse the theme’s demo.

Block, block-based, or FSE themes are built entirely out of blocks, not just the post content. This…


More Info