Being an avid WordPress user is just the beginning. After all, there is always breaking news, updates, trending designs, coding techniques, tools, and more to learn about. But in between work and play, how are you supposed to keep up without making a huge time commitment? The answer is WordPress podcasts. Introduced on iTunes in 2005, podcasts have come a long way. In fact, there are currently over 700,000 podcasts and 29 million episodes for people to listen to; and those numbers continue to rise. People love listening to podcasts because they offer them flexibility to do other things while listening to something they’re interested … [Read more...] about The Top 10 Most Promising WordPress Podcasts for 2019
Archives for April 2019
WooCommerce Checkout Manager 4.2.6 Vulnerability
The WooCommerce Checkout Manager has been reported by PluginVulnerabilities.com for being vulnerable in arbitrary file uploads. The exploit could be activated by an unauthenticated remote attacker when the plugin "Categorize Uploaded Files" option is enabled. In this case, the attacker cloud brute-force or guess an existing order id number and execute arbitrary server-side script code in the WooCommerce website with the active WooCommerce Checkout Manager plugin. Apparently, WooCommerce Checkout Manager vulnerability was caught by the WordPress repository review stuff which resulted in de-activating plugin's listing for wordpress.org. If … [Read more...] about WooCommerce Checkout Manager 4.2.6 Vulnerability
Easy WP SMTP v.1.3.9 Hacked Fix
Easy WP SMTP 0-Day vulnerability Easy WP SMTP is a very popular WordPress plugin that provides routing outgoing emails from a WordPress site to an SMTP server of choice. It is a great tool for resolving issues with the email delivery, we have used it on many occasions with our client sites, it has 300,000+ active installs and it is regularly updated. This is why it came as a shock when it was reported that the latest version of the plugin (1.3.9) had a serious security issue that led to a lot of sites being hacked. The plugin vulnerability was discovered on March 15th by the Ninja Technologies Network, after it was caught by their plugin … [Read more...] about Easy WP SMTP v.1.3.9 Hacked Fix
WordPress Infected with the Pharma Hack? How to Detect, Clean and Secure your site from it
What is the Pharma hack Years ago, I've had a client who wanted me to remove a page from their WordPress site. A page regarding pharmacy products. I searched through the posts, pages, custom post types or anything else I could think of and I've spent days assuring the client that no such page or post exists on their WordPress site. They were painfully insistent and said that they have found a page while checking the search results for their site on Google. I've checked the results myself and, much to my surprise found the page that they mentioned. That page was linking to another domain that was selling medication online, but the URL was … [Read more...] about WordPress Infected with the Pharma Hack? How to Detect, Clean and Secure your site from it
Pipdig Under Investigation (and Your Options If You Want Out)
If you’re at all involved in the WordPress community, it’s likely you’ve heard about a small commercial theme company called pipdig, which has found itself at the center of some very serious controversy. And while it’s been a little over a week since the scandal broke, people that have been using a pipdig theme or any one of their plugins (specifically pipdig Power Pack (p3)) might find themselves not knowing what to do next. How it All Started On March 29, 2019, Wordfence threat analyst Mikey Veenstra published a report about the small theme company pipdig, which also happens to provides hosting services. This report was shocking to the … [Read more...] about Pipdig Under Investigation (and Your Options If You Want Out)