WordPress | Smart Thinking Solutions

13 June 202314 June 2023

Do you use WordPress Stripe Payments?

Many people use the Stripe payment plugin, including some of our clients – all of whom have been contacted by our support team. WordPress Stripe payment plugin bug leaks customer order details (bleepingcomputer.com) Have your web developers or cyber security support contacted you? Do you even know if this issue …

Continue reading “Do you use WordPress Stripe Payments?”

31 May 202331 May 2023

WordPress JetPack and Gravity Forms vulnerable

Just before I write this I am going to alert our web team so they can check our clients have the WordPress patch installed and if not get it done for them… The WordPress JetPack is a useful add-on for WordPress websites that provides a range of extra functionality – …

Continue reading “WordPress JetPack and Gravity Forms vulnerable”

25 May 202329 May 2023

WordPress again…

See here for what I have written about WordPress this week: Let’s Talk About WordPress …and if you do not think hackers go after WordPress and it’s plugins, then read this: Hackers target 1.5M WordPress sites with cookie consent plugin exploit (bleepingcomputer.com)

19 May 202319 May 2023

WordPress Elementor Plugin Under Attack

Earlier in the week I wrote about the issues with the WordPress plugin Elementor. Now the vulnerabilities I wrote about are being actively scanned for by threat actors: Hackers target vulnerable WordPress Elementor plugin after PoC released (bleepingcomputer.com) Have you or your web designers updated your website? (We have.) Do …

Continue reading “WordPress Elementor Plugin Under Attack”

19 May 202319 May 2023

Millions of websites use WordPress…

…which makes them a juicy target for threat actors if they can find a bug in code or plugins. That was the topic of yesterday’s article on CyberAwake: Let’s Talk About WordPress – CyberAwake This is an article about governance – not a technical article – so if you are …

Continue reading “Millions of websites use WordPress…”

9 May 20239 May 2023

WordPress plugin vulnerability

A vulnerable WordPress plugin is in the news. The Advanced Custom Fields plugin needs to be updated or your site is vulnerable: WordPress plugin flaw puts ‘millions of websites’ at risk • The Register If you use this get it updated now. Do you know if your website uses this …

Continue reading “WordPress plugin vulnerability”

11 April 202311 April 2023

WordPress vulnerability

You always need to keep up with the cyber security of your WordPress website and any plug-ins you use. Here is another that needs checking: Massive Balada Injector campaign attacking WordPress sites since 2017 (bleepingcomputer.com) Now the question you need to ask yourself is who looks after my website, assuming …

Continue reading “WordPress vulnerability”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.