Website security
Recently, the development team of the WPML (WordPress Multilingual) plugin was notified of, and revealed the top-level detail of, an issue that allows unauthorized access to some WPML internal features, such as those used for configuring translation jobs and changing plugin settings. It’s important to note that this vulnerability is only accessible to registered site users, not just any...
Post Grid WordPress Plugin Flaw Found “Patch it sharpish if you use it…”
Two high-severity vulnerabilities in Post Grid, a WordPress plugin with more than 60,000 installations, open the door to site takeovers, according to researchers. To boot, nearly identical bugs are also found in Post Grid's sister plug-in, Team Showcase, which has 6,000 installations. The issues are a cross-site scripting (XSS) flaw as well as a PHP object-injection issue. Both bugs are pending...
4 tips for managing WordPress plugins in 2020
Updating your WordPress plugins is most easily achieved from the Plugins tab in the WordPress dashboard. From there you can see which plugins have updates available, after which it’s a matter of hitting Update now to install the new versions. Minimise the number of plugins you have. Always remove plugins if you aren’t using them anymore. Keep your attack surface area as small as you can....
Your password is your first line of defense against hackers, so make it a good one
Combine unrelated words to make stronger passwords
To create a strong password, try combining two or more unrelated words. It could even be an entire phrase. Then change some of the letters to special letters and numbers. The longer your password, the stronger it is. A single word with one letter changed to an @ or ! (such as p@ssword!) doesn’t make for a strong password. Password cracking...
WordPress 5.2.4 Release Addresses Several Security Issues
The core WordPress team released version 5.2.4 of WordPress on October 14th 2019. The release addresses six security issues that were all privately reported through WordPress’ responsible disclosure procedure. Like any security release, users should update immediately to the latest version to keep their sites secure. All major branches of WordPress from version 3.7 to 5.2 received the new...
Google Chrome announces roll-out of mixed content blocking, beginning January 2020
The Google Security Team has announced a timeline for when Chrome will begin blocking mixed content by default in order to ensure that HTTPS browsing is more secure. Mixed content refers to HTTPS pages that load resources, such as images, videos, stylesheets, and scripts, over HTTP. The gradual rollout will begin with Chrome 79, which is scheduled for release in December 2019. The browser...
Hackers infecting WordPress sites via defunct “Rich Reviews” plug-in
If you’re a WordPress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now. The now-defunct plug-in has a major vulnerability that allows malvertisers to infect sites running WordPress and redirect visitors to other sites. Rich Reviews was a WordPress plugin that lets sites manage reviews internally in WordPress, and also displays Google reviews for a business...
WordPress 5.2 “Jaco” – Keeping Sites Safer
WordPress 5.1 "Jaco" is now available! Update now to keep your website current, secure, and benefit from the latest feature enhancements.
Keeping Your Site Safe
WordPress 5.2 gives you even more robust tools for identifying and fixing configuration issues and fatal errors. Whether you are a developer helping clients or you manage your site solo, these tools can help get you the right information...