Since the Gutenberg WordPress editor became the default page editor, many WordPress users have started seeing “The response is not a valid JSON response” error messages on their website trying to update posts or upload media. While switching back to Continue reading How to Fix “The Response Is Not a Valid JSON Response” Message in WordPress
Wordfence protects over 4 million websites around the world on 12,000 unique networks, and we block over 1.8 billion attacks targeting those websites every month. For years we have had a relationship with our customers that is a virtuous cycle: Continue reading Wordfence Intelligence Launching at Black Hat 2022 in Las Vegas Next Week
On June 24, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a Cross-Site Request Forgery vulnerability we discovered in Ecwid Ecommerce Shopping Cart, a WordPress plugin installed on over 30,000 sites. This vulnerability made it possible Continue reading Cross-Site Request Forgery Vulnerability Patched in Ecwid Ecommerce Shopping Cart Plugin
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes Continue reading WordPress Vulnerability Report – August 3, 2022
On July 8, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Download Manager,” a WordPress plugin that is installed on over 100,000 sites. This flaw makes it possible for an authenticated Continue reading High Severity Vulnerability Patched in Download Manager Plugin
Most people would agree — living in a house full of accumulated debris and unnecessary objects can create a chaotic environment, and even cause health problems. This scenario is easily applicable to your website, too. You can think of your Continue reading 7 Tips to Clean & Maintain Your Website
This is an ‘ultimate’ or comprehensive guide to WordPress password protection for business website administrators and owners. It’s written for those who manage or are the administrators of WordPress websites. Roles aside, the next most vulnerable and easily hardened WordPress Continue reading WordPress Password Protection – A Complete Guide
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerabilities & Patch Roundup — July 2022
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes Continue reading WordPress Vulnerability Report – July 27, 2022
The “Error establishing a database connection” is one of the most common issues that WordPress website owners can encounter. Aside from being one of the most frequently seen WordPress error messages, it has also earned its place among the most Continue reading How to Fix The “Error Establishing a Database Connection” Message On Your Website
WebAssembly (also referred to as Wasm) is a binary instruction format that runs in the browser to enable high-performance applications on web pages and can be executed much faster than traditional JavaScript. WebAssembly can be executed in a variety of Continue reading Cryptominers & WebAssembly in Website Malware
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes Continue reading WordPress Vulnerability Report – July 20, 2022
WordPress file permissions play an integral role in the overall security of your WordPress website, which is why you should be sure to get them right. In this post, we’ll cover all you need to know about WordPress file permissions. Continue reading WordPress File Permissions: A Guide to Securing Your Website
There’s no one specific topic or target or audience when it comes to website security. But when you clean enough hacked websites, you start to see trends and techniques emerge in the landscape. In my last presentation at WordCamp Europe, Continue reading Security Lessons Learned from 2021
The Wordfence Threat Intelligence team has been monitoring a sudden increase in attack attempts targeting Kaswara Modern WPBakery Page Builder Addons. This ongoing campaign is attempting to take advantage of an arbitrary file upload vulnerability, tracked as CVE-2021-24284, which has Continue reading PSA: Sudden Increase In Attacks On Modern WPBakery Page Builder Addons Vulnerability
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable plugins or themes Continue reading WordPress Vulnerability Report – July 13, 2022
Bitcoin prices are down 60% year to date, trading far from the all-time highs of $69,000 seen last November. Some altcoins have plummeted even farther in value, with digital currencies collapsing in value in the past six months. While we Continue reading Infected WordPress Site Reveals Malicious C&C Script
A successful WordPress security strategy should include steps to strengthen the WordPress login. In this post, we cover the five simple rules for better WordPress login security. The great thing about WordPress is how it makes creating a website accessible Continue reading 5 Simple Rules for WordPress Login Security
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide as comprehensive of a scan as server-side scanners, they allow users to instantly identify malicious Continue reading SiteCheck Malware Trends Report – Q2 2022
Vulnerable plugins and themes are the #1 reason WordPress websites get hacked. The weekly WordPress Vulnerability Report powered by WPScan covers recent WordPress plugin, theme, and core vulnerabilities, and what to do if you run one of the vulnerable plugins or themes Continue reading WordPress Vulnerability Report – July 6, 2022