Is It Safe to Use Outdated WordPress Plugins?

Are you wondering whether it’s safe to install and use an outdated WordPress plugin? Sometimes when you are searching for a plugin to add a new feature to your website, you may find one that looks perfect, but it hasn’t been updated for a while or hasn’t been tested with your version of WordPress. Often… Continue reading Is It Safe to Use Outdated WordPress Plugins?

11 Things You Should Do When Inheriting a WordPress Site

If you have just inherited an existing WordPress site, what should you do first? Whether you’re a business owner who recently acquired a new website or an office assistant who’s inheriting your company’s existing website from another team member, you might be wondering what the most important next steps are. In this article, we will… Continue reading 11 Things You Should Do When Inheriting a WordPress Site

Is WordPress Really That Bad? (9 Things You Should Know)

Sometimes a misinformed tech consultant, or a paid YouTube influencer for a competing brand might say things like WordPress is BAD! This can be confusing for beginners to see conflicting opinions about whether WordPress is a bad content management system. The question any rational person should ask is: if WordPress is really that bad, then… Continue reading Is WordPress Really That Bad? (9 Things You Should Know)

What, Why, and Hows of WordPress Security Keys

Do you want to learn more about WordPress security keys and salts? WordPress uses security keys to protect your website against hacking attempts. You can use them more efficiently to improve WordPress security. In this article, we will discuss what are WordPress security keys and salts and why you should use them. What are WordPress… Continue reading What, Why, and Hows of WordPress Security Keys

How to Disable Directory Browsing in WordPress

Do you want to disable directory browsing in WordPress? Directory browsing can put your site at risk by showing important information to hackers which can be used to exploit vulnerabilities in your site’s plugins, themes, or even your hosting server. In this article, we will show you how you can disable directory browsing in WordPress.… Continue reading How to Disable Directory Browsing in WordPress

Smilodon Credit Card Skimming Malware Shifts to WordPress

WordPress’ massive market share has come with an unsurprising side effect: As more and more site admins turn to popular plugins like WooCommerce to turn a profit on their website and set up online stores we’ve seen a significant increase in the number of attacks targeting WordPress eCommerce sites. What’s more, bad actors are repurposing… Continue reading Smilodon Credit Card Skimming Malware Shifts to WordPress

Analysis of the Massive NDSW/NDSX Malware Campaign

Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive infections don’t go unnoticed by Sucuri and we immediately recognized that the infection in their writeup belonged to the campaign we internally refer to as “ndsw/ndsx” malware. We’ve been tracking… Continue reading Analysis of the Massive NDSW/NDSX Malware Campaign

Vulnerability & Patch Round-up — May 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. We’ve compiled a list of some important security updates and vulnerability patches for the WordPress ecosystem for May, 2022. Critical Privilege Escalation Vulnerability in Jupiter and JupiterX… Continue reading Vulnerability & Patch Round-up — May 2022