Orbit Fox Plugin Vulnerabilities Expose 40,000 WordPress Sites

Security researchers from Wordfence discovered that the Orbit Fox WordPress plugin contained two vulnerabilities. One of them could lead to privilege escalation (rated critical), and the other one is a stored XSS flaw (rated medium). The Orbit Fox plugin has…
HTTP vs HTTPS

The use of the HTTP protocol as opposed to its secure version (HTTPS) is becoming a major issue in most contemporary sites. More and more applications and content management systems enforce the use of HTTPS, and the former “unsafe” HTTP…
Easy WP SMTP Plugin Flaw Helps Hackers Reset Admin Account Passwords

If you are using the popular Easy WP SMTP WordPress plugin, you should know that researchers discovered a zero-day vulnerability in it. The plugin’s installations are more than 500,000, meaning that half a million websites are at risk. Furthermore, threat…
PageLayer Plugin Contains XSS Vulnerabilities, 200,000 Sites at Risk

Security researchers uncovered two vulnerabilities in a WordPress plugin, this time affecting more than 200,000 websites. The PageLayer plugin contains two reflected XSS (cross-site scripting) flaws that could enable threat actors to execute malicious JavaScript code in an administrator’s browser.…
WordPress 5.6 Possible Bugs and Issues: What Can Go Wrong?

Is your website already running the latest version of WordPress? We are talking about WordPress 5.6, also known as the Nina Simone update. This is the final major release of the content management system planned for 2020, and it was…
Security Flaw in cPanel and WHM Allowed 2FA Bypasses

Security researchers just reported that cPanel, perhaps the most common provider of admin tools for web hosting, is vulnerable. Security flaws resided in cPanel and WebHost Manager (WHM) web hosting platform, enabling remote hackers with valid credentials to bypass two-factor…
Vulnerabilities in WordPress Themes Put Millions of Sites at Risk

Security researchers recently detected a large-scale malicious campaign targeting themes that utilize the Epsilon Framework. Threat actors took advantage of Function Injection vulnerabilities in a number of WordPress themes. Epsilon Framework vulnerabilities in WordPress themes put millions of sites at…
Critical Bugs in Ultimate Member WordPress Plugin Endanger 100K Sites

Is your WordPress site using the Ultimate Member plugin? If so, you should be aware that the plugin contains critical privilege escalation vulnerabilities. To avoid any issues, you should update the plugin to the latest available version, 2.1.12, which was…
X-Cart E-Commerce Platform Hit by Ransomware, Stores Brought Down

X-Cart is an e-commerce solution that was acquired by Seller Labs last year. According to X-Cart’s official website, the company has more than 20 years of experience. Unfortunately, the platform suffered a ransomware attack, which took place at the end…
WordPress Version 5.5.2, 5.5.3: How Severe Are the Vulnerabilities Patched?

WordPress released two subsequent updates in the past few days – WordPress version 5.5.2, shortly followed by version 5.5.3. The first of these updates contained minor bug fixes and security enhancements applied to the CMS code. The second update was…
Post Grid and Team Showcase Plugins Contain Vulnerabilities

In Mid-September, security researchers at Wordfence (Defiant) uncovered two severe vulnerabilities in Post Grid. Post Grid is a WordPress plugin with more than 60,000 installations, developed by PickPlugins. During the analysis, the team discovered almost identical vulnerabilities in Team Showcase,…
What is Chrome Web Security?

Have you ever considered what is behind Chrome’s web security? We at HowToHosting.guide will provide you with a quick overview of the safety behind Google’s browser, what settings you could tweak, and what options you have available for various operating…
XCloner Backup and Restore WordPress Plugin Contains Critical Flaws

XCloner Backup and Restore is a WordPress plugin with more than 30,000 installations. The plugin is designed to provide WordPress users with easily customizable backups and simple-to-use restore functionality. Unfortunately, Wordfence (Defiant) researchers recently discovered several vulnerabilities in the plugin,…
Web Security: 3 Common Misconceptions That Put Your Website at Risk

Having a website is a wonderful thing. It is a great business opportunity either for physical or online services. The website receives new people visits, some of them become new customers, and voila – your business scores another point for…
What is Web Security?

Ever doubted what exactly Web Security is? You will wonder no more after we at HowToHosting.guide provide you with a straightforward explanation and provide you with the main focus points of this IT sphere. Web Security is also known as…