Monthly WordPress Security Roundup [May 2021]

https://www.getastra.com/blog/cms/wordpress-security/monthly-wordpress-security-roundup-may-2021/

Hello everyone, it’s Kanishk again from Astra Security, bringing you the latest in WordPress security with another edition of our Monthly WordPress Security Roundup for May 2021. In this article, we will discuss the vulnerability disclosures and bug fixes in the WP core, database, plugins and themes, and some other security issues related to the WordPress CMS platform. So, let’s get started! In May 2021, WordPress fixed a medium-severity vulnerability named Object Injection in PHPMailer that impacted sites running on WordPress versions between v3.7 and v5.7. The vulnerability is fixed in the latest version, WordPress 5.7.2, which was released […]

WordPress XML-RPC Exploit: Everything You Need to Know

https://www.getastra.com/blog/cms/wordpress-security/wordpress-xml-rpc-exploit-everything-you-need-to-know/

If you are here searching for ways to disable XML-RPC to secure your website from a WordPress XML-RPC exploit, you are in the right place. But before that, you need to know the answers to these questions. What is XML-RPC.php? How can an XML-RPC exploit put your website at risk? Is disabling XML-RPC going to solve everything? What can be the alternative to disabling the XML-RPC feature? Through this article, we will try to answer all these questions and a lot more. What is XML-RPC? WordPress XML-RPC is an API (application programming interface) that enables the transfer of […]

WordPress Brute-Force Attack and How to Prevent It

https://www.getastra.com/blog/cms/wordpress-security/prevent-wordpress-brute-force-attack/

If you are concerned about your WordPress website getting bombarded with brute-force attack attempts, your concern is well-placed. Brute-force attacks are currently one of the most common forms of hacking. According to Verizon’s 2020 Data Breach Investigations Report, the brute-force method was involved in over 80% of the attacks in one way or another. In a WordPress brute-force attack, hackers use trial and error to break into the security system of your website. Once they are in, they can take over the entire execution and data of your website. They can use your WordPress […]

Monthly WordPress Security Roundup [October 2020]

https://www.getastra.com/blog/cms/wordpress-security/october-wordpress-security-roundup-2020/

Hello everyone, it’s Kanishk again from Astra Security – bringing you another edition of the Monthly WordPress Security Roundup for October 2020. Today we’ll discuss the introduction of new WordPress v5.6 features, core changes, recent vulnerabilities found in WP plugins and themes, and some other security issues. So, let’s get straight into the news. WordPress 5.6 to introduce new features Last month WordPress released its 5.5.1 maintenance version with some bug fixes and core changes, and it is already planning its next major release, WordPress 5.6, with a targeted release date of 08th December 2020. WordPress 5.6 will be the third major […]

WordPress Security Keys and Salts – All You Need To Know [2020]

https://www.getastra.com/blog/cms/wordpress-security/wordpress-security-keys-and-salts-all-you-need-to-know/

One of the easiest things you can do, yet something that will go a long way in securing your website, is to change your WordPress Security Keys and Salts. In this article, we focus on what they are and how they ensure that your website remains safe from hackers. What WordPress Security Keys and Salts Are WordPress security keys and salts are cryptographic tools that help secure your WordPress site’s login. Essentially, a salt is random data – usually extra characters – added to a password. WordPress uses salts to help protect passwords when they’re being stored in the backend. […]

Monthly WordPress Security Roundup [September 2020]

https://www.getastra.com/blog/cms/wordpress-security/wordpress-security-roundup-september-2020/

Hello everyone, it’s Kanishk again from Astra Security. This is another edition of our “Monthly WordPress Security Roundup” for September 2020. Today we’ll discuss core vulnerabilities in WordPress 5.5.1, vulnerabilities in WP plugins and themes, and some other security issues. So, let’s get straight into the news. This month, no major core vulnerabilities were discovered in WordPress 5.5.1; however, we’ve seen numerous customers complaining that their site is breaking due to issues related to the jQuery Migrate plugin after the latest update of WordPress 5.5, which was pushed last month in August. If you have faced similar issues then here […]

Monthly WordPress Security Roundup [August 2020]

https://www.getastra.com/blog/cms/wordpress-security/monthly-wordpress-security-roundup-august-2020/

Hello everyone, it’s Kanishk from Astra Security. This is another edition of the Monthly WordPress Security Roundup for August 2020. Today we’ll discuss the core changes in the new WordPress 5.5 updates, recent vulnerabilities found in WP plugins and themes, and some other security issues. So, let’s get straight into the news. WordPress rolls out version 5.5 On 11th August, WordPress rolled out its latest version, 5.5, with changes to its block editor interface (1500+), enhancements and feature requests (150+), bug fixes (300+), and more. The update also added a new feature called ‘Automatic updates’ for themes and plugins […]