Two exposures were disclosed in NextGen Gallery, including a critical Cross-Site Request Forgery (CSRF) leading to full Remote Code Execution (RCE). These vulnerabilities affect over
Four vulnerabilities were disclosed recently with Ninja Forms, a WordPress plugin that is used by over a million sites. These vulnerabilities could possibly allow attackers to
Passwordless Logins is a new way to lock down your WordPress site while making it easier for you to log in securely without ever entering
Zoho CRM Lead Magnet Plugin version 1.6.9 is vulnerable to an Authenticated Cross-Site Scripting attack. The vulnerability would allow an attacker to execute malicious code in a user’s
Broken Link Checker version 1.11.8 is vulnerable to an Authenticated Cross-Site Scripting attack. Uninstall and delete the plugin. Manage WP is not actively maintaining
All In One SEO Pack version 3.2.6 and below is vulnerable to a Stored Cross-Site Scripting attack. An attacker will need to use an authenticated user to exploit
WordPress websites are not set and go system. Once your site is launched, it requires ongoing maintenance and frequent updating. Much like the software on
There is a new WordPress version 5.1.1 available for community. This security and maintenance release introduces 10 fixes and enhancements, including changes designed to help
On average, 50,000 new websites are hacked each day.
