Hackers Target Over A Million WordPress Sites To Steal Credentials

Researchers caught a recent malicious campaign targeting more than a million WordPress websites. As discovered, the hackers targeted all these WordPress Sites to harvest database credentials.

Hackers Target WordPress Sites In A Campaign

Team Wordfence has recently disclosed an orchestrated campaign by hackers targeting numerous WordPress sites.

As revealed in their recent blog post, the team detected over 130 million attacks within three days at the end of May 2020. These attacks collectively targeted around 1.3 million WordPress sites aiming to download their configuration files.

Among…


More Info

PageLayer WordPress Plugin Vulnerabilities Risked Over 200K Websites

Continuing with the trail of vulnerable plugins, now joins PageLayer. Researchers found some serious vulnerabilities in PageLayer WordPress plugin that posed a threat to more than 200,000 websites.

PageLayer Plugin Vulnerabilities

Reportedly, team Wordfence has come up with another interesting finding regarding a WordPress plugin. This time, they found a couple of vulnerabilities in the PageLayer WordPress plugin that threatened thousands of websites. They have shared the details in a recent blog post.

Briefly, they found two different vulnerabilities in the plugin.

The first of these is…


More Info

The 10 Best Free WordPress Themes of 2020

A website visitor takes just milliseconds to form an opinion of your site. Then, they decide to stay, giving you the opportunity to convince and convert. Or they click that back button and say goodbye.

That crucial first impression is formed on the basis of visual input: your website design. No matter how amazing your copy is, the deciding factor is how you present it.

Fortunately, having professional-looking website design is easier than ever. A multitude of WordPress themes is available for any conceivable purpose and industry.

But the quality, price,…


More Info

The 10 Best Free WordPress Templates For Your Site in 2021

A website visitor takes just milliseconds to form an opinion of your site. Then, they decide to stay, giving you the opportunity to convince and convert. Or they click that back button and say goodbye.

That crucial first impression is formed on the basis of visual input: your website design. No matter how amazing your copy is, the deciding factor is how you present it.

Fortunately, having professional-looking website design is easier than ever. A multitude of WordPress themes is available for any conceivable purpose and industry, from eCommerce to…


More Info

Hackers Target 1.3 Mn WordPress Sites Steal Database Logins

Cybercriminals targeted around 1.3 million WordPress websites in a single day to steal database login credentials. It is found that hackers tried to steal config files by exploiting known XSS vulnerabilities in WordPress plugins and themes, according to a security alert issued by cybersecurity firm Wordfence.

The researchers stated that attackers tried to download the wp-config.php WordPress configuration file which contains connection details, authentication unique keys, and salts along with database credentials. In case attackers successfully exploited any vulnerable…


More Info

Attackers tried to grab WordPress configuration files from over a million sites

A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab WordPress configuration files of 1.3 million sites at the end on the same month.

In both cases, the threat actor tried to exploit old vulnerabilities in outdated WordPress plugins and themes.

The latest attacks

“The previously reported XSS campaigns sent attacks from over 20,000 different IP addresses. The new campaign is using the same IP addresses, which accounted for the majority of the attacks and sites…


More Info

Blockify the WordPress Dashboard with the Mission Ctrl Plugin – WordPress Tavern

Nick Hamze makes it no secret that he loves the WordPress block system. He has spearheaded several unique blocks on the fun side of things as well as made more practical blocks through his Sorta Brilliant brand. It is his website for funding ideas for the block editor. For his most recent project, he has taken blocks outside of the post-editing screen, and this project is, well, sorta brilliant too.

Mission Ctrl is a WordPress plugin that blockifies the WordPress dashboard screen. The plugin allows users, developers, agencies, or even hosts set up the dashboard with custom widgets…


More Info

Hackers tried to steal database logins from 1.3M WordPress sites

A large scale attack targeted hundreds of thousands of WordPress websites over the course of 24 hours, attempting to harvest database credentials by stealing config files after abusing known XSS vulnerabilities in WordPress plugins and themes.

“Between May 29 and May 31, 2020, the Wordfence Firewall blocked over 130 million attacks intended to harvest database credentials from 1.3 million sites by downloading their configuration files,” Wordfence QA engineer and threat analyst Ram Gall said.

“The peak of this attack campaign occurred on May 30, 2020. At this point, attacks from this…


More Info

What You Should Know About WordPress

pixelcreatures / Pixabay

A website is a must-have asset for all businesses and I have recently received a lot of questions about WordPress and it’s benefits. It is my #1 recommendation for a website platform and I am not alone. In fact, according to information compiled by W3techs, WordPress is the most used CMS with a 61.8% market share. So why is WordPress so popular and what are some basics YOU need to know?

Before we get started, let’s address the difference between WordPress.com and WordPress.org.

The key difference is who’s actually hosting your website. With WordPress.org, you…


More Info

WordPress Security Updates (Complete Guide)

Wondering how to implement security updates on your WordPress website safely?

Security updates are extremely important. Delay in implementing updates can cause your website to be hacked. But a lot of times updates can cause compatibility issues that can break your website.

It’s a catch-22 situation.

Luckily, there is a way to update your site without breaking it. All you need to do is use a staging site to test the updates and then implement them on the live site.

In this article, we’ll walk you through every step in the process of how to update your website safely.

TL;DR

To update your…


More Info