Security Vulnerabilities Discovered In Rank Math WordPress Plugin

Extending the stream of vulnerable WordPress plugins, now joins Rank Math. Reportedly, a couple of serious security vulnerabilities existed in the WordPress SEO Plugin – Rank Math. One of these flaws could even give admin privileges to an adversary.

Rank Math Plugin Vulnerabilities

Team Wordfence has come up with another interesting discovery this week. They found a couple of security vulnerabilities in the WordPress SEO Plugin Rank Math. They have explained their findings in a recent blog post.

One of the two security flaws is a privilege escalation vulnerability with a CVSS score of…


More Info

A Deep Dive Into Building A 50+ Person WordPress Studio With Mario Peshev

Entrepreneurship is living a few years of your life like most people won’t so that you can spend the rest of your life like most people can’t.

horizontal line

At MalCare, we focused on contributing to the WordPress community in many different ways. We strive to be a source of valuable information for WordPress users looking to learn more about web security. However, there are times when we like to zoom out a little bit and discuss topics relating to the WordPress community in general.

Today we had the opportunity to do just that. We recently had the opportunity to chat with Mario Peshev, a…


More Info

Free WordPress Hosting – Create WordPress Website for Free

mBlog.my will takes care of all the hostings for you. You do not have to buy any software or pay for hostings or even manage a web server. Thus, making it the perfect place to start if you are a hobby writer.

mBlog.my is seemingly easy to set up, and while we do offer various premium upgrades if you wish, the free hosting does solve most of your WordPress needs.

Key Features:

  • Free Subdomain (yourname.mblog.my)
  • Includes premium plans other than the free service.
  • Hundreds of themes to choose from.
  • Mobile-friendly site creation.
  • Fast & Friendly customer support.
  • Mobile and Desktop apps are available.
  • Built-in social sharing with in-depth stats.
  • SEO Friendly.
  • Beginner is friendly with guides.

Pros

  • No need to download any software or installer.
  • Free for up to 3 GB disk space.
  • Automatic updates and backups.
  • Hundreds of customizing themes available.
  • Blazing-fast speed.
  • High-leveled security.

WordPress Security Audit: 8 Steps For Securing WordPress Website

Imagine this, you sat down one day and ran a complete security setup on your site. You installed a WordPress security plugin on your site, you updated all your plugins and themes, you implemented website hardening measures. You’re sure your site is safe and secure from hackers.

A few months later, you wake up to find that your website has been hacked. When you try to access your site, you’re being redirected to another. Or you might see malicious pop-ups and ads on your site. You realize your security measures failed!

This is a scenario faced by many WordPress site owners.

Many mistake…


More Info

Don’t get locked out of your own website – update this WordPress plugin now! – Naked Security

Researchers at WordFence, a company that provides cybersecurity services for WordPress users, has warned of two security problems in a popular WordPress plugin called Rank Math.

That’s “math” as in “calculations relating to” and “rank” as in “search engine rating”, not “rank math” as in a real stinker of a calculus problem.

The creators of Rank Math, it seems, had neglected to put security checks on some of the remote commands that the plugin supports.

As a result, someone who hadn’t logged in could have triggered two related bugs.

In the first bug, a regular…


More Info

Critical WordPress Plugin Bug Can Lock Admins Out of Websites – Threatpost

wordpress plugin rank math security bug

A second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors.

A pair of security vulnerabilities in the WordPress search engine optimization (SEO) plugin, known as Rank Math, could allow remote cybercriminals to elevate privileges and install malicious redirects onto a target site, according to researchers. It’s a WordPress plugin with more than 200,000 installations.

According to researchers with Wordfence, one of the flaws is critical (10 out of 10 on the CVSSv3 vulnerability severity scale). It could allow an…


More Info

WordPress 5.4 arrives with new blocks, 14% faster editor, and privacy improvements

WordPress.org today launched WordPress 5.4, which focuses on “more ways to make your pages come alive,” as well as “boosts in speed you can feel.” Version 5.4, which was developed by 552 volunteer contributors, includes new blocks, clearer navigation, a faster editor, privacy improvements, and developer additions. You can download the new release now from WordPress.org/Download.

WordPress is a content management system (CMS) that powers over 30% of the web (including VentureBeat). This means there’s a massive ecosystem of website administrators and developers watching out…


More Info

Got time on your hands? Learn to build a WordPress e-commerce site.

Products featured here are selected by our partners at StackCommerce.If you buy something through links on our site, Mashable may earn an affiliate commission.

You'll save well over $2,000 with this sale.
You’ll save well over $2,000 with this sale.

Image: pexels

TL;DR: Make use of your free time with the Build Your Own Business Bundle for $39.99, a 98%…


More Info

WordPress 5.4 “Adderley” Includes Improved Editor, New Blocks, and Developer APIs – WordPress Tavern

WordPress 5.4 “Adderley”, named in honor American jazz musician Nat Adderley, was released today and is now available for download. The update includes new social icons and buttons blocks, usability improvements to the block editor, and new APIs for developers to use in plugins and themes.

This release saw contributions from 168 new volunteers. There were 552 contributors in total.

The release was led by Matt Mullenweg, Francesca Marano, and David Baumwald. They were joined by the following contributors in supporting roles in getting version 5.4 released:

Users can…


More Info

WordPress 5.4 lands with enhanced privacy controls


Adam Bannister

31 March 2020 at 11:58 UTC

Updated: 31 March 2020 at 11:59 UTC

Latest core release also tweaks login diagnostics for devs

WordPress logo on pink background

WordPress 5.4 launches today (March 31) with a raft of privacy-related enhancements.

“WordPress 5.4 brings several improvements to the privacy tools to improve the user experience and expand upon the data provided in personal data exports,” said core contributor Garrett Hyder in his release notes.

In total, WordPress 5.4 incorporates 122 enhancements and…


More Info