Using the WPScan plugin to find vulnerabilities in your WordPress website

Looking after the security of your WordPress website involves a lot of different tasks. One of the tasks is to make sure that the plugins, themes and WordPress version that you are using on your website do not have any known vulnerabilities. Luckily, this task can be automated with WPScan, a free WordPress plugin. The WPScan plugin can find out if the software you are running has vulnerabilities by carrying out regular scans. It checks the results against a dedicated up-to-date database of vulnerabilities, and informs you if there are any vulnerabilities on your website, such as SQL Injection. If […]

Join us for WordPress Translation Day Global Events in September 2021

WordPress contributors around the world are celebrating the sixth Global WordPress Translation Day throughout the entire month of September! That’s 30 days dedicated to help and encourage people to translate the software and its related resources. One of the highlights is a series of exciting core global events, starting on September 17 2021 and finishing on the United Nations’ International Translation Day itself on September 30, 2021. Everyone is welcome to watch these events live on YouTube and to share their translation stories which will be featured during the celebrations and beyond. The global events will be in English and […]

Nulled WordPress Plugins and Themes: 9 Reasons to Avoid Them

As a WordPress site owner, have you considered using nulled WordPress plugins and themes on your website? Or are you currently using a nulled WordPress plugin or theme on your WordPress site right now? If you’re not familiar with nulled WordPress plugins and themes, they’re pirated copies of the premium WordPress products that other users pay for. Of course, we’re all looking to save money and cut financial corners wherever we can. This is especially true if you’re running a WordPress site that doesn’t generate a lot of revenue. And wouldn’t it be amazing if you could get all the […]

WordPress 5.8.1 Security and Maintenance Release

WordPress 5.8.1 is now available! This security and maintenance release features 60 bug fixes in addition to 3 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 5.4 have also been updated. WordPress 5.8.1 is a short-cycle security and maintenance release. The next major release will be version 5.9. You can download WordPress 5.8.1 by downloading from, or visit your Dashboard → Updates and click Update Now. If you have sites that support automatic background updates, they’ve already started the update process. Security Updates 3 security issues […]

WP WhiteSecurity acquires Advanced noCaptcha & invisible Captcha (v2 & v3)

We are happy to announce our first plugin acquisition as we pursue our mission to build value-driven WordPress security and admin plugins. This new acquisition will undoubtedly help us deliver more value to our customers. The Advanced noCaptcha & invisible Captcha plugin complements our existing portfolio, which offers a robust set of WordPress plugins designed to improve the security and administration of websites and users. Why a CAPTCHA plugin? Through this acquisition, we will be better positioned to offer the WordPress community more ways to stay secure and protect their websites’ forms and login pages from automated spam and malicious […]

Password Policy Manager for WordPress Update 2.4.1 – Weekly summary email & other improvements

We are happy to announce update 2.4.1 of the Password Policy Manager for WordPress plugin. This update includes several new features and housekeeping updates designed to improve the plugin’s functionality, usability, and performance. Let’s dive right in to see what is new and improved in this update of our password security plugin for WordPress. What’s new? With update 2.4.1, we have sought to include additional security features designed to keep WordPress administrators informed and in control with the least amount of effort. With security becoming an increasingly important topic, we recognize that administrators need more robust tools to keep their […]

HTTP vs HTTPS: 5 Things to Know Before You Switch

What exactly is the difference between HTTP vs HTTPS? HTTP has been used by websites since the inception of the public Internet. However, in 2014, Google put out a strong recommendation that all websites switch from HTTP to HTTPS. Up until that point, it was mostly only e-commerce businesses that were employing HTTPS on their sites. To incentivize as many website owners as possible to make the switch from HTTP to HTTPS, Google announced that it would give sites using HTTPS a bump up in search engine rankings. This ultimately worked to punish websites that didn’t make the switch, by […]

Why you should use a log management service?

Logs provide the foundational data to support performance, user and technical monitoring on your WordPress sites and the web servers they run on and the services they use. Using logs, you can monitor user and system activity on your website and use the log data to understand who changed what and when. You can then use this log data to troubleshoot technical and administrative issues, increase user accountability, and improve the security of your WordPress site. Where logs really shine, however, is during troubleshooting. They are a bit like the flight data recorder or “black box” on an airliner. You […]

Terms of Use Violation

Wordfence is used by millions of free and paid customers around the world to secure their WordPress websites. We serve a broad range of customers across the globe, from diverse cultures, with diverse backgrounds, and who have diverse political views. As an organization, Defiant, the company that makes Wordfence, believes that everyone has the right to being secure and feeling secure. Our Terms of Use specifically include language that prevents the use of our product to harass another person or entity. The language reads as follows: “You agree not to use the Service in any way that would interfere with […]

10 Most Vulnerable WordPress Plugins (exploited by hackers)

In WordPress, popular plugins are often the most exploited plugins. There is a reason for that: the more popular a plugin is, the more sites it is installed on, and therefore the rewards of a vulnerability on a popular plugin are huge for a hacker.  In order to protect your website, it is important to […] The post 10 Most Vulnerable WordPress Plugins (exploited by hackers) appeared first on BlogVault – The Most Reliable WordPress Backup Plugin.