Fake plugin wave affecting WordPress sites
Recently our colleague Joshua Goode escalated to the Security Research team an investigation he was performing on several websites that presented the same indicators of compromise. There were small...
How Malware Can Abuse the .htaccess File
You learned about the importance of the .htaccess file in our blog post How to Access and Edit the Default WordPress .htaccess File. As you can imagine, an important file such as .htaccess can be a...
SQL Injection Discovered And Fixed In Slimstat Analytics and Paid Memberships...
During an internal audit of the Slimstat Analytics and Paid Memberships Pro plugins, we uncovered two SQL Injection vulnerabilities that could allow low-privileged users like subscribers to leak...
MainWP Partners with Jetpack for WordPress Security
Managing multiple WordPress sites can be stressful. With the average WordPress site running 22 plugins, it’s crucial that every vulnerability is accounted for. That’s why we’re thrilled to announce...
10 Best Tools to Check a Website for Malware & Virus Infections
As a website owner, you’ve worked hard to develop your website and build your business. But, with Google issuing over three million safe browsing warnings a day, it’s clear that you have to be...
Password Reuse: A Major Vulnerability You Need to Avoid
Safeguarding personal and business information is more crucial than ever. One common, yet often overlooked, vulnerability that can compromise this safety is password reuse. What seems like a simple...
What is Vulnerability Scanning & How Does it Work?
Imagine waking up to find your website has been hacked overnight. It’s not a fun thing to picture and something no business ever wants to face. Thankfully, vulnerability scanning can act as a watchdog...
What is PHP Object Injection? An In-Depth Guide with Examples
PHP object injection is a serious security threat that can have devastating consequences for websites and web applications. In this guide, we’ll explore what PHP object injection is, how it works, and...
XSS vs CSRF Attacks: How They Differ and How to Counter Them
Cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks are among the most common dangers for modern websites. Understanding how these attacks work and how to prevent them is...
What Are XSS Attacks on WordPress? (And How to Prevent Them)
Cross-site scripting (XSS) is one of the most common vulnerabilities reported in web applications. It often results in hackers stealing information (like login credentials) or changing content on your...