Many people use the Stripe payment plugin, including some of our clients – all of whom have been contacted by our support team. WordPress Stripe payment plugin bug leaks customer order details (bleepingcomputer.com) Have your web developers or cyber security support contacted you? Do you even know if this issue …
WordPress JetPack and Gravity Forms vulnerable
Just before I write this I am going to alert our web team so they can check our clients have the WordPress patch installed and if not get it done for them… The WordPress JetPack is a useful add-on for WordPress websites that provides a range of extra functionality – …
Continue reading “WordPress JetPack and Gravity Forms vulnerable”
WordPress again…
See here for what I have written about WordPress this week: Let’s Talk About WordPress …and if you do not think hackers go after WordPress and it’s plugins, then read this: Hackers target 1.5M WordPress sites with cookie consent plugin exploit (bleepingcomputer.com)
WordPress Elementor Plugin Under Attack
Earlier in the week I wrote about the issues with the WordPress plugin Elementor. Now the vulnerabilities I wrote about are being actively scanned for by threat actors: Hackers target vulnerable WordPress Elementor plugin after PoC released (bleepingcomputer.com) Have you or your web designers updated your website? (We have.) Do …
Millions of websites use WordPress…
…which makes them a juicy target for threat actors if they can find a bug in code or plugins. That was the topic of yesterday’s article on CyberAwake: Let’s Talk About WordPress – CyberAwake This is an article about governance – not a technical article – so if you are …
WordPress plugin vulnerability
A vulnerable WordPress plugin is in the news. The Advanced Custom Fields plugin needs to be updated or your site is vulnerable: WordPress plugin flaw puts ‘millions of websites’ at risk • The Register If you use this get it updated now. Do you know if your website uses this …
WordPress vulnerability
You always need to keep up with the cyber security of your WordPress website and any plug-ins you use. Here is another that needs checking: Massive Balada Injector campaign attacking WordPress sites since 2017 (bleepingcomputer.com) Now the question you need to ask yourself is who looks after my website, assuming …