upgrade-today-critical-vulnerability-in-phpmailer-affects-wordpress-drupal-websites.jpeg

Unpacking the WordPress update fiasco (and why you need someone to keep an eye on your WordPress updates)

Everything doesn't always go to plan, and that was the case for a series of WordPress Update mishaps recently. On Thursday, October 29th the WordPress core team released WordPress version 5.5.2. This was a minor release containing bug fixes and security enhancements to the core WordPress content management system powering over one-third of the internet. In the WordPress 5.5.2 release, the...
Read More

WooCommerce: Spam Orders and Accounts from Bots

Versions of WooCommerce prior to 4.6.2 contain a vulnerability that allows guest users to create accounts during checkout even when the "Allow customers to create an account during checkout" setting is disabled. This vulnerability is being exploited by a bot to place spam orders and create user accounts that are then used to probe for vulnerabilities in other plugins on the site. In response to...
Read More