WordPress Vulnerability Report: April 2021, Part 1

https://ithemes.com/wordpress-vulnerability-report-april-2021-part-1/

New WordPress plugin and vulnerabilities were disclosed during the first week of April. This post provides a report of recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability includes information on which version you should be running, so be sure to update! Each vulnerability will also have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on a Common Vulnerability Scoring System designed to help you […]

WordPress Vulnerability Report: March 2021, Part 4

https://ithemes.com/wordpress-vulnerability-report-march-2021-part-4/

New WordPress plugin and theme vulnerabilities were disclosed during the final week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common Vulnerability Scoring System. In the March, Part 4 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. WordPress Plugin Vulnerabilities […]

WordPress Vulnerability Report: March 2021, Part 3

https://ithemes.com/wordpress-vulnerability-report-march-2021-part-3/

New WordPress plugin and theme vulnerabilities were disclosed during the third week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common WordPress Vulnerability Scoring System. In the March, Part 3 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. WordPress Plugin […]

WordPress Vulnerability Roundup: March 2021, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-march-2021-part-2/

New WordPress plugin and theme vulnerabilities were disclosed during the third week of March. This report covers recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common Vulnerability Scoring System. In the March, Part 2 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. WordPress 5.7 “Esperanza” Released […]

WordPress Vulnerability Roundup: March 2021, Part 1

https://ithemes.com/wordpress-vulnerability-roundup-march-2021-part-1/

New WordPress plugin and theme vulnerabilities were disclosed during the first week of March. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common Vulnerability Scoring System. In the March, Part 1 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. WordPress Plugin Vulnerabilities […]

WordPress Vulnerability Roundup: February 2021, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-february-2021-part-2/

New WordPress plugin and theme vulnerabilities were disclosed during the second half of February. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common Vulnerability Scoring System. In the February, Part 2 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. However, WordPress version […]

WordPress Vulnerability Roundup: February 2021, Part 1

https://ithemes.com/wordpress-vulnerability-roundup-february-2021-part-1/

New WordPress plugin and theme vulnerabilities were disclosed during the first half of February. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common Vulnerability Scoring System. In the February, Part 1 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have been disclosed this month. WordPress Plugin Vulnerabilities […]

WordPress Vulnerability Roundup: January 2021, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-january-2021-part-2/

New WordPress plugin and theme vulnerabilities were disclosed during the second half of January. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. This weeks WordPress Vulnerability Roundup is divided into four different categories: WordPress core, WordPress plugins, WordPress themes, and Server. Each vulnerability will have a severity rating of Low, Medium, High, or Critical. The severity ratings are based on the Common Vulnerability Scoring System. In the January, Part 2 Report WordPress Core Vulnerabilities No new WordPress core vulnerabilities have […]

New Linux Server Vulnerability

https://ithemes.com/new-linux-server-vulnerability/

Security researchers at Qualys discovered a Privilege Escalation vulnerability in the Linux program sudo. An attacker could exploit the vulnerability to increase the privileges and take over the server. How does this server vulnerability affect WordPress websites? The majority of the web runs on Linux, so the vulnerability affects most of the web. This includes WordPress websites hosted on Linux servers. One thing to keep in mind is that this is a server vulnerability, and your risk is based on your hosting environment. The risk will be higher for those in a shared hosting environment. If exploited, the vulnerability can […]

5 Common WordPress Security Issues

https://ithemes.com/wordpress-security-issues/

If you own a WordPress-powered website or are considering using WordPress as your CMS, you may be concerned about potential WordPress security issues. In this post, we’ll outline a few of the most common WordPress security vulnerabilities, along with steps you can take to secure and protect your WordPress site. Is WordPress Secure? The answer to the question “is WordPress secure?” is it depends. WordPress itself is very secure as long as WordPress security best practices are followed. According to the latest usage of content management systems data from W3Techs, WordPress powers 34% off all websites. So WordPress security vulnerabilities […]