In this post, we will look at how to use WPScan as a WordPress vulnerability scanner. This security tool provides you with a better understanding of your WordPress website and any vulnerabilities that may be present in your environment. It also happens to be pre-installed in Kali Linux. If you haven’t set it up yet, […]
Tag Archives: WordPress Security
WordPress Vulnerability & Patch Roundup November 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
Troubleshooting WordPress: How to Fix the White Screen of Death
Navigating to your WordPress site only to be met with the White Screen of Death (WSoD) can be a daunting experience. This error denies access to your site for both administrators and visitors, disrupting your website’s performance and user experience. Despite its prevalence, this common WordPress problem has a number of straightforward solutions. In this […]
WordPress Vulnerability & Patch Roundup October 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
How to Secure the WordPress Login Page
Given that WordPress powers millions of websites worldwide, it’s no surprise that it’s a prime target for malicious activities ranging from brute force attacks and hacking attempts to unauthorized access — all of which can wreak havoc on your site’s functionality, damage reputation, or even result in lost revenue and sales. A common entry point […]
Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins
In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin for the popular tagDiv premium themes Newspaper and Newsmag). Shortly after that, we started noticing new waves of Balada malware injections on websites that were actively using tagDiv themes. This […]
Optimizing WordPress: Security Beyond Default Configurations
Default configurations in software are not always the most secure. For example, you might buy a network-attached home security camera from your friendly neighborhood electronics store. While these are handy to keep an eye on your property from the comfort of your phone, they also typically come shipped with a default username and password. And […]
WordPress Vulnerability & Patch Roundup September 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
What Is ‘Error Establishing a Database Connection’ & How To Fix It in WordPress
Experiencing the ‘Error Establishing a Database Connection‘ on your WordPress website? This common error indicates that your site is unable to connect to its database, rendering it inaccessible to users — and potentially impacting your visitors, user experience, and sales. In this blog post, we’ll explain what the database connection error means, common reasons for […]
How to Find & Fix Japanese SEO Spam
Japanese SEO Spam, also known as “Japanese keyword hack” or “Japanese SEO poisoning,” is a spammy search engine optimization technique used by black hat SEO artists to make a website show up in search engine results for spam keywords in Japanese language when they shouldn’t. In this post, we’ll detail what Japanese SEO spam is, […]
