Web Security

Security researchers from Wordfence discovered that the Orbit Fox WordPress plugin contained two vulnerabilities. One of them could lead to privilege escalation (rated critical), and the other one is a stored XSS flaw (rated medium). The Orbit Fox plugin has…

The use of the HTTP protocol as opposed to its secure version (HTTPS) is becoming a major issue in most contemporary sites. More and more applications and content management systems enforce the use of HTTPS, and the former “unsafe” HTTP…

If you are using the popular Easy WP SMTP WordPress plugin, you should know that researchers discovered a zero-day vulnerability in it. The plugin’s installations are more than 500,000, meaning that half a million websites are at risk. Furthermore, threat…

Security researchers uncovered two vulnerabilities in a WordPress plugin, this time affecting more than 200,000 websites. The PageLayer plugin contains two reflected XSS (cross-site scripting) flaws that could enable threat actors to execute malicious JavaScript code in an administrator’s browser.…

Is your website already running the latest version of WordPress? We are talking about WordPress 5.6, also known as the Nina Simone update. This is the final major release of the content management system planned for 2020, and it was…

Security researchers just reported that cPanel, perhaps the most common provider of admin tools for web hosting, is vulnerable. Security flaws resided in cPanel and WebHost Manager (WHM) web hosting platform, enabling remote hackers with valid credentials to bypass two-factor…

Security researchers recently detected a large-scale malicious campaign targeting themes that utilize the Epsilon Framework. Threat actors took advantage of Function Injection vulnerabilities in a number of WordPress themes. Epsilon Framework vulnerabilities in WordPress themes put millions of sites at…

Is your WordPress site using the Ultimate Member plugin? If so, you should be aware that the plugin contains critical privilege escalation vulnerabilities. To avoid any issues, you should update the plugin to the latest available version, 2.1.12, which was…

X-Cart is an e-commerce solution that was acquired by Seller Labs last year. According to X-Cart’s official website, the company has more than 20 years of experience. Unfortunately, the platform suffered a ransomware attack, which took place at the end…

WordPress released two subsequent updates in the past few days – WordPress version 5.5.2, shortly followed by version 5.5.3. The first of these updates contained minor bug fixes and security enhancements applied to the CMS code. The second update was…

In Mid-September, security researchers at Wordfence (Defiant) uncovered two severe vulnerabilities in Post Grid. Post Grid is a WordPress plugin with more than 60,000 installations, developed by PickPlugins. During the analysis, the team discovered almost identical vulnerabilities in Team Showcase,…

Have you ever considered what is behind Chrome’s web security? We at HowToHosting.guide will provide you with a quick overview of the safety behind Google’s browser, what settings you could tweak, and what options you have available for various operating…

XCloner Backup and Restore is a WordPress plugin with more than 30,000 installations. The plugin is designed to provide WordPress users with easily customizable backups and simple-to-use restore functionality. Unfortunately, Wordfence (Defiant) researchers recently discovered several vulnerabilities in the plugin,…

Having a website is a wonderful thing. It is a great business opportunity either for physical or online services. The website receives new people visits, some of them become new customers, and voila – your business scores another point for…

Ever doubted what exactly Web Security is? You will wonder no more after we at HowToHosting.guide provide you with a straightforward explanation and provide you with the main focus points of this IT sphere. Web Security is also known as…