The WooCommerce Checkout Manager has been reported by PluginVulnerabilities.com for being vulnerable in arbitrary file uploads. The exploit could be activated by an unauthenticated remote attacker when the plugin "Categorize Uploaded Files" option is enabled. In this case, the attacker cloud brute-force or guess an existing order id number and execute arbitrary server-side script code in the WooCommerce website with the active WooCommerce Checkout Manager plugin. Apparently, WooCommerce … [Read more...] about WooCommerce Checkout Manager 4.2.6 Vulnerability
How to Protect a WordPress site from being Hacked
“WordPress is the best thing ever! I love it!” – said no person ever who’s site got hacked. People tend to blame their hosting providers, plugin, theme and WordPress developers, hackers for not having a better thing to do than hack their site… The reality is simple. This can happen to anyone and it’s your responsibility to prevent it. Or at least make it extremely difficult. If you are reading this, you probably had a bad experience with malware or you’ve heard stories and don’t want that from … [Read more...] about How to Protect a WordPress site from being Hacked
0-day Vulnerability for Social Warfare WordPress plugin
Today, March 21st 2019, Social Warfare plugin has been removed from WordPress.org repository due to a 0-day vulnerability for version 3.5.2 which allowed attackers to inject malicious Javascript code into plugin's social share links published on any site using it. **1st Update** https://twitter.com/warfareplugins/status/1108853377155375104 Social Warfare plugin was patched only hours ago so if you have any site using it you should either upgrade to version 3.5.3 or de-activate and remove it … [Read more...] about 0-day Vulnerability for Social Warfare WordPress plugin
20 Most Promising WordPress Blogs to Follow in 2019
WordPress above all is an ecosystem where everyone can easily enter and start learning from day one. There is so much information on the web regarding WordPress that a newbie may have a hard time finding a worthy WordPress resource website. This blog post will feature 20 of the promising WordPress blogs to follow in 2019. We tried to go out of the ordinary route because we wanted to show new WordPress resources or ones which weren't well known. Being a relatively new WordPress service … [Read more...] about 20 Most Promising WordPress Blogs to Follow in 2019
Workaround for Gmail and G-Suite ignoring reply-to field
How to Temporarily Fix a Gmail and G-Suite bug that's ignoring reply-to headers for Contact Form 7 and Gravity Forms Some months ago Contact Form 7 users noticed that their incoming emails ignored the reply-to field. This occurred only to Gmail and G-Suite accounts and caused their form email replies to be sent to their own email addresses instead of the email address of their site visitors. We noticed the same issue in our own contact and WordPress Hacked Fix Request forms which use … [Read more...] about Workaround for Gmail and G-Suite ignoring reply-to field