WP Republic!

High Profile WordPress Security Services by WP Republic!

Security

June WordPress Security Updates and News-Volume 1

The first half of June was a period of time with a great number of WordPress security incidents. Over 40 Plugin Vulnerabilities were detected  affecting more than 7 million websites. This is indeed a number that can not be ignored. So let us take a closer look at some of those vulnerabilities.  WordPress Plugin Vulnerabilities Jetpack. With over 5 million installations this Plugin was affected by a Carousel Non-Published Page/Post Attachment Comment Leak. A patch is released in the latest version and you can find out more here. MC4WP: Mailchimp for WordPress. This very popular WordPress Plugin was hit by two medium-risk … [Read more...] about June WordPress Security Updates and News-Volume 1

May WordPress Security Updates and News-Volume 2

Every month is full of interesting and useful WordPress News and Updates; the second half of May was yet again a period filled with news.  WordPress News and Updates Happy 18th Birthday WordPress! On the 27th of May, WordPress celebrated its 18th Birthday! And what a magnificent milestone this has been... Since its last birthday, the 40th release has been rolled out and WordPress now is powering over 40% of the web. WordPress Plugin Vulnerabilities During the last half of May, there were 13 Plugin Vulnerabilities spotted. These include:  WP Super Cache. This popular WordPress plugin was detected with an Authenticated … [Read more...] about May WordPress Security Updates and News-Volume 2

How to trace and clean the monit.php hack

UPDATED: 14th July 2020 Let's start this tutorial with a tip, if you want to know your site has been infected by the monit.php hack add your site URL before this snippet and browse it: /wp-admin/options-general.php?page=monit If you see a page opening with settings and text strings then you're most probably hacked, if not you're probably safe. In both cases I suggest to follow the cleanup guide for the ofgogoatan.com redirect hack. Monit.php flagged as malware A few days ago we have been contacted by a client who was looking to clean his site from malware. While working on his site he noticed that some random code was … [Read more...] about How to trace and clean the monit.php hack

The WordPress Popup Builder Vulnerability

Malicious JavaScript code can be injected into Popups Several security flaws have been uncovered in the Popup Builder plugin code. Currently, this plugin has more than 200,000 active installs. Many site owners are still unaware of the issue. This plugin is regularly updated and maintained by the authors. However, it took them 7 days to release the patched version of the plugin. Meanwhile, many sites were exploited by hackers and those using an outdated version of the plugin are still at risk. One of the vulnerabilities tracked as CVE-2020-10196, can be used to collect the list of subscribers. Apart from that, an attacker can gather … [Read more...] about The WordPress Popup Builder Vulnerability

Why does my WordPress site keep getting hacked?

The bitter reality The reason why I decided to write this article is that many times our clients have found themselves in total despair and frustration when their WordPress site keeps getting hacked. Hacks such as the Japanese Keyword Hack or the Malware Redirect hack can break a WordPress site once. However, if you are not careful with your WordPress site, these hacks might reappear. Truth be told, the psychological and financial burden of a WordPress site that keeps getting hacked is massive and it can take a great toll on the user, the brand, the service. And those users who have gone through this experience multiple times, do … [Read more...] about Why does my WordPress site keep getting hacked?