New Linux malware uses 30 plugin exploits to backdoor WordPress sites

A previously unknown Linux malware has been exploiting 30 vulnerabilities in multiple outdated WordPress plugins and themes to inject malicious JavaScript.

According to a report by antivirus vendor Dr. Web, the malware targets both 32-bit and 64-bit Linux systems, giving its operator remote command capabilities.

The main functionality of the trojan is to hack WordPress sites using a set of hardcoded exploits that are run successively, until one of them works.

The targeted plugins and themes are the following:

  • WP Live Chat Support Plugin
  • WordPress – Yuzo Related Posts
  • Yellow Pencil…

More Info

Publishers Can Now Easily Add Content Recommendations to their WordPress Websites

Publishers today have to monetize their content to survive.

Even if you already offer subscriptions or paywalls, you need to diversify revenue channels to meet your bottom line. And that means incorporating ads into your websites and apps.

The problem is that placing and delivering those ads can be pretty complex and time-consuming. So, instead of working on producing high-quality content, you’re left trying to integrate your site with third-party platforms and — even worse — manually add codes and features, all without the help of a developer.

Thankfully,…


More Info

Hackers exploit bug in WordPress gift card plugin with 50K installs

Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000 websites.

YITH WooCommerce Gift Cards Premium is a plugin that website operators to sell gift cards in their online stores.

Exploiting the vulnerability, tracked as CVE-2022-45359 (CVSS v3: 9.8), allows unauthenticated attackers to upload files to vulnerable sites, including web shells that provide full access to the site.

CVE-2022-45359 was disclosed to the public on November 22, 2022, impacting all plugin versions up to 3.19.0. The security update that…


More Info

How to Create a WordPress Website With SiteGround

SiteGround is one of the most popular website hosting services on the internet.

If you’re looking to make a website with WordPress using SiteGround hosting, you don’t have to code.

Instead, you can use a CMS (content management system) like WordPress (.org).

WordPress is used by over 40% of all websites on the internet, and it’s the gold standard for website creation.

This quick and easy guide teaches you how to set up and create a WordPress website with SiteGround hosting.

Just so that you know you’re in good hands—I’m the founder of this…


More Info

Commercial and Community Categorization Is Live on WordPress.org Theme and Plugin Directories – WP Tavern

One of Matt Mullenweg’s announcements at the 2022 State of the Word was the addition of new taxonomies for the theme and plugin directories that will help users more quickly ascertain the purpose of the extensions they are considering.

With nearly 60,000 free plugins available and more than 10,000 free themes, it’s not always immediately evident which extensions are officially supported by the community and which have commercial upgrades and support available.

The new “Community” and “Commercial” designations were created to demystify the selection process and empower…


More Info

the Zero-bloat Page Builder for WordPress to Create Faster Webpages That Achieve Better SEO Results

LiveCanvas

Bali, Indonesia, Dec. 21, 2022 (GLOBE NEWSWIRE) — LiveCanvas is a page builder aimed specifically at those who want to build great websites without getting too far from the HTML code, but reducing fatigue.

Engineered for performance and trusted by over 13966 Sites, LiveCanvas helps you achieve fine-grain control and edge-to-edge precision throughout your entire WordPress project, handling both particular pages and dynamic templates.

Tim Bowerbank, an App Developer at Pendigital Limited UK, says after leaving WordPress “a few years back for static site generators” that…


More Info

Block Protocol Announces New WordPress Plugin Coming in 2023 – WP Tavern

Block Protocol, a project that launched earlier this year that aims to build a universal block system, has announced a new WordPress plugin coming in early 2023. It will allow users to embed interactive blocks that are compatible with Gutenberg. Given WordPress’ footprint on the web (43% by W3Tech’s estimate), this plugin is a major milestone on the project’s roadmap for supporting a more interoperable and open web with blocks that can be shared through a standardized protocol. 

The Block Protocol plugin will give users access to the global registry of interoperable blocks….


More Info

WordPress.com Launches Newsletter Product – WP Tavern

WordPress.com has launched a newsletter product just in time to capture those escaping Gumroad’s price increase and editors displaced by Revue shutting down. Newsletters, which were already booming as a communication tool in recent years, have become more critical than ever, as the uncertainty around Twitter has people scrambling to find reliable ways to stay connected.

WordPress.com (and Jetpack users) have had the ability to send published posts to email subscribers for years. This isn’t usually marketed as a newsletter (as you can see below) but functions in the same way.

WordPress Not Inherently Better For SEO

In response to a thread on Reddit, Google Search Advocate John Mueller says there’s no inherent SEO advantage to using WordPress compared to coding a website yourself.

A thread in the r/SEO forum asks a familiar question many practitioners run into in their careers.

Is WordPress better for SEO than coding your own website?

Other variations of that question include, “is WordPress better for SEO than Wix,” or, “is WordPress better for SEO than [insert CMS here]?”

No matter how you ask it, the answer is always the same.

WordPress isn’t inherently better for SEO than any other…


More Info

Mactrast Deals: WP101 WordPress Tutorial for Beginners: Lifetime Access

WP101® is the most popular WordPress video tutorial series for beginners. Since 2008, our WordPress video tutorials have helped more than three million beginners learn how to use WordPress to create their own websites. We are proud to be a WP Engine Recommended Solution, and our videos have been licensed by hundreds of notable companies, including GoDaddy, Namecheap, Nexcess, Pressable, Media Temple, WooCommerce, StudioPress, WPBeginner, Seth Godin, Jeff Goins, and even NASA!

DEALS: WP101 WordPress Tutorial for Beginners: Lifetime Access – A Series of Meticulously-Crafted…


More Info