WordPress Version 5.5.2, 5.5.3: How Severe Are the Vulnerabilities Patched?
WordPress released two subsequent updates in the past few days – WordPress version 5.5.2, shortly followed by version 5.5.3. The first of these updates contained minor bug fixes and security enhancements applied to the CMS code. The second update was…
Post Grid and Team Showcase Plugins Contain Vulnerabilities
In Mid-September, security researchers at Wordfence (Defiant) uncovered two severe vulnerabilities in Post Grid. Post Grid is a WordPress plugin with more than 60,000 installations, developed by PickPlugins. During the analysis, the team discovered almost identical vulnerabilities in Team Showcase,…
What is Chrome Web Security?
Have you ever considered what is behind Chrome’s web security? We at HowToHosting.guide will provide you with a quick overview of the safety behind Google’s browser, what settings you could tweak, and what options you have available for various operating…
XCloner Backup and Restore WordPress Plugin Contains Critical Flaws
XCloner Backup and Restore is a WordPress plugin with more than 30,000 installations. The plugin is designed to provide WordPress users with easily customizable backups and simple-to-use restore functionality. Unfortunately, Wordfence (Defiant) researchers recently discovered several vulnerabilities in the plugin,…
Web Security: 3 Common Misconceptions That Put Your Website at Risk
Having a website is a wonderful thing. It is a great business opportunity either for physical or online services. The website receives new people visits, some of them become new customers, and voila – your business scores another point for…
What Is а Web Security Gateway?
This article has been created with the main idea to help explain what exactly is the Web Security Gateway technology and how both companies and end-users can benefit from this technology for server safety. Here, we aim to explain to…
Attacks against Sites Running a Vulnerable Version of File Manager Plugin
Security researchers recently reported a File Manager plugin vulnerability. Which initially endangered more than 700,000 WordPress sites. However, in a few days, the number of attacked sites reached 2.6 million. Multiple Attackers Exploiting the File Manager Plugin Vulnerability According to…
Advanced Access Manager WordPress Plugin: Vulnerable
Researchers unearthed two vulnerabilities in a well-known plugin for WordPress, called Advanced Access Manager. The plugin has more than 100,000 installations. One of the security issues is severe and could lead to privilege escalation and site takeover, so if your…
Starting September, Apple Won’t Support SSL & TLS Issued for More than 398 Days
From September 1 onwards Apple’s browser Safari will not support SSL and TLS certificates issued for periods longer than 398 days. This is the equivalent of one year, with the renewal grace period included. The reason for this change is…
Quiz and Survey Master WordPress Plugin Contains Critical Flaws
Yet another vulnerable plugin was recently discovered by the Wordfence (Defiance) team. Two security flaws were unveiled in Quiz and Survey Master (QSM) WordPress plugin installed on more than 30,000 sites. Quiz and Survey Master is easy to use add…
CVE-2019-16759: vBulletin Zero-Day Exploit Disclosed
The security community has posted details of a dangerous new security bug in the vBulletin forums plugin which is categorized as a zero-day exploit tracked in CVE-2019-16759. Proof-of-concept is also available and according to the available information the bug is…
Bugs in Newsletter Plugin for WordPress Put 300,000 Sites at Risk
Newsletter is a WordPress plugin with more than 300,000 installations. Unfortunately, security researchers at Wordfence recently discovered a set of vulnerabilities in the Newsletter plugin – one was recently patched, and other two which were more severe. The latter flaws…
Magento Receives Security Updates for Critical Vulnerabilities
Two code execution vulnerabilities were fixed by Adobe in Magento Commerce versions 2.3.5-p1 and earlier, and Magento Open Source versions 2.3.5-p1 and earlier. One of the vulnerabilities is rated as critical (CVE-2020-9689), and the other one as important (CVE-2020-9691). Vulnerabilities…
Comments – wpDiscuz WordPress Plugin Contains Critical Vulnerability
A critical vulnerability was discovered in the Comments – wpDiscuz WordPress plugin which has been installed on more than 80,000 sites. The vulnerability has already been fixed. Affected versions of the plugin include versions 7.0.0 – 7.0.4. According to Wordfence…
Using Pirated WordPress Plugins Can Bring a Backdoor to Your Site
Vulnerabilities and stolen login credentials are used in most attacks against websites. However, another risk also exists, and it involves the unintentional installation of backdoors on websites. This can be done by tricking website owners into installing a backdoor hidden…
KingComposer WordPress Plugin Has a Reflected XSS Bug
The KingComposer WordPress plugin has been found to contain several vulnerabilities that could lead to access control over compromised sites. The plugin has been installed on more than 100,000 sites. During their investigation, Wordfence researchers discovered an unpatched reflected cross-site…
Adning Advertising WordPress Plugin Contains Critical Vulnerabilities
In late June 2020, researchers discovered two vulnerabilities in the Adning Advertising plugin. One of them was critical, with a CVSS (Common Vulnerability Scoring System) score of 10. The Adning plugin is a premium plugin with more than 8,000 customers.…
Secure DNS Scam (DNSSEC) Targets WordPress Bloggers
According to Sophos cybersecurity researchers, a new scam targeted at WordPress bloggers is currently circling the web. Over the weekend, the researchers received a well-crafted scam message that looked more convincing than many other scams out there. DNS Scam Targeting…
Hackers Exploit Misconfigured Kubernetes Nodes in Microsoft Azure Cloud
Computer hackers have been found to hijack misconfigured Kubernetes nodes, an integral part of the Microsoft Azure Cloud. This is one of the most important services offered by the company as they are part of complex services deployed by clients.…
2.3 Tbps DDoS Attack Hit AWS, and It’s the Largest One So Far
The largest DDoS attack ever took place this February, according to Amazon. The company recently shared a report in which the incident was detailed, including other web attacks mitigated by Amazon’s AWS Shield protection service. The DDoS attack, specifically, reached…
While we may earn affiliate commissions from some of the companies featured, these commissions do not compromise the integrity of our reviews or influence our rankings.
The affiliate earnings contribute to covering account acquisition, testing expenses, maintenance, and development of our website and internal systems.
Trust HTH.Guide for reliable hosting insights and sincerity.