300,00+ Installations of Catch Themes WordPress Plugins Vulnerable via @sejournal, @martinibuster

Security researchers at WPScan and Wordfence have identified seventeen plugins published Catch Plugins (a division of Catch Themes, LLC) that have vulnerabilities. These vulnerabilities are rated as high and can result in an attacker being able to change the plugin configurations. Cross Site Request Forgery (CSRF) A user authentication exploit (lacking a capability check) and […]

Gutenberg Times: How to convert classic widgets to block widgets, Block Patterns to speed up site builds and What is a Universal theme? – Weekend Edition 190

Howdy, Some people in the community are worried about that WordPress 5.9 will change “everything”. Of Full site- editing, all you will see in 5.9 is a sneak preview of what will be, in an impressive way. But that doesn’t change anything, if you don’t want it to. There won’t be an overnight automatic update […]

WordPress Cache Plugin Exploit Affects +1 Million Websites

Popular WordPress plugin WP Fastest Cache plugin was discovered by Jetpack security researchers to have multiple vulnerabilities that could allow an attacker to assume full administrator privileges. The exploits affect over a million WordPress installations. WP Fastest Cache Plugin Vulnerabilities Description WP Fastest Cache is a WordPress plugin used by over a million WordPress websites. […]

WordPress Cache Plugin Exploit Affects +1 Million Websites via @sejournal, @martinibuster

Popular WordPress plugin WP Fastest Cache plugin was discovered by Jetpack security researchers to have multiple vulnerabilities that could allow an attacker to assume full administrator privileges. The exploits affect over a million WordPress installations. WP Fastest Cache Plugin Vulnerabilities Description WP Fastest Cache is a WordPress plugin used by over a million WordPress websites. […]

WPTavern: Jetpack Launches Commercial Backup Feature as a Standalone Plugin

Jetpack is splitting out its commercial Backup feature into a standalone plugin that can be used without installing the core Jetpack plugin. The commercial product includes automated daily or real-time backups with one-click restores, even for sites that are offline. Backups include all WordPress database, theme, and plugin files, which are stored on WordPress.com’s infrastructure […]