Leveraging the WordPress Platform for SPAM

We’ve all seen WordPress comment and pingback spam, but thanks to strict moderation regimes and brilliant WordPress plugins that focus strictly on SPAM comments, comment spam isn’t a major problem for most websites these days. I have seen however, a new trend starting to emerge when it comes to spam involving WordPress. In recent years […]

WordPress Plugins to Streamline Your Business

Nowadays, most businesses rely on the internet to widen the range of people that they can reach. And to make others aware of the services that they offer. The article below is a good source of ideas for business owners that want to streamline their online business. How to Use WordPress Plugins to Streamline Your […]

Lima, Peru: CloudFlare’s 29th data center

Just when you thought we’d reached the end, CloudFlare’s Latin America data center expansion continues. Hot on the heels of our recent expansion into Santiago, São Paulo, and Medellin, this holiday season commences in Lima with our 29th data center globally, and our fourth in Latin America. Latin America is the fastest growing source of […]

Security Advisory – High Severity– WordPress Download Manager

Advisory for: WordPress Download Manager Security Risk: Very High Exploitation level: Easy/Remote DREAD Score: 9/10 Vulnerability: Code Execution / Remote File Inclusion Risk Version: <2.7.4 If you’re using the popular WP Download Manager plugin (around 850,000 downloads), you should update right away. During a routine audit for our Website Firewall (WAF), we found a dangerous […]

Security advisory – High severity – InfiniteWP Client WordPress plugin

Advisory for: InfiniteWP Client for WordPress Security Risk: High (DREAD score : 8/10) Exploitation level: Easy/Remote Vulnerability: Privilege escalation and potential Object Injection vulnerability. Patched Version: 1.3.8 If you’re using the InfiniteWP WordPress Client plugin to manage your website, now is a good time to update. While doing a routine audit of our Website Firewall […]

JoomDonation Compromised

We are receiving reports from many users of the popular JoomDonation platform that they received a very scary email from someone that supposedly hacked into JoomDonation. The emails went to the proper account registered in there and contained the full names, so it looks like JoomDonation did in fact got breached. This is the full […]

Typos Can have a Bigger Impact Than Expected

Have you ever thought about the cost of a typo? You know what I mean, a simple misspelling of a word somewhere on your website. Do you think there’s a risk in that? You may have seen the Grammar Police all over your comments yelling that you used the wrong version of “your” and pointing […]

Website Malware Removal: Phishing

As we continue on our Malware Removal series we turn our attention to the increasing threat of Phishing infections. Just like a fisherman casts and reels with his fishing rod, a “phisher-man” will try their luck baiting users with fake pages, often in the form of login pages. These copied website pages are cast into […]

Security Advisory – High severity – WP-Statistics WordPress Plugin

Advisory for: WordPress WP-Statistics Plugin Security Risk: High (DREAD score : 7/10) Exploitation level: Easy/Remote Vulnerability: Stored XSS which executes on the administration panel. Patched Version: 8.3.1 If you’re using the WP-Statistics WordPress plugin on your website, now is the time to update. While doing a routine audit for our Website Firewall product, we discovered […]