Unpacking the WordPress update fiasco (and why you need someone to keep an eye on your WordPress updates)

Everything doesn't always go to plan, and that was the case for a series of WordPress Update mishaps recently. On Thursday, October 29th the WordPress core team released WordPress version 5.5.2. This was a minor release containing bug fixes and security enhancements to the core WordPress content management system powering over one-third of the internet. In the WordPress 5.5.2 release, the...
Read More

WooCommerce: Spam Orders and Accounts from Bots

Versions of WooCommerce prior to 4.6.2 contain a vulnerability that allows guest users to create accounts during checkout even when the "Allow customers to create an account during checkout" setting is disabled. This vulnerability is being exploited by a bot to place spam orders and create user accounts that are then used to probe for vulnerabilities in other plugins on the site. In response to...
Read More