upgrade-today-critical-vulnerability-in-phpmailer-affects-wordpress-drupal-websites.jpeg

Unpacking the WordPress update fiasco (and why you need someone to keep an eye on your WordPress updates)

Chris Grant (he/him) November 09, 2020 0 Comments

Everything doesn't always go to plan, and that was the case for a series of WordPress Update mishaps recently. On Thursday, October 29th the WordPress core team released WordPress version 5.5.2. This was a minor release containing bug fixes and security enhancements to the core WordPress content management system powering over one-third of the internet. In the WordPress 5.5.2 release, the...

WooCommerce: Spam Orders and Accounts from Bots

Alex Swabey November 09, 2020 0 Comments

Versions of WooCommerce prior to 4.6.2 contain a vulnerability that allows guest users to create accounts during checkout even when the "Allow customers to create an account during checkout" setting is disabled. This vulnerability is being exploited by a bot to place spam orders and create user accounts that are then used to probe for vulnerabilities in other plugins on the site. In response to...

Day: 9 November 2020

Unpacking the WordPress update fiasco (and why you need someone to keep an eye on your WordPress updates)

WooCommerce: Spam Orders and Accounts from Bots

Recent posts on our blog