Wordpress Related News

Join the discussions about using Wordpress as a blogging platform and content management system for your website or blog.
Accrete
Administrator
Posts: 1265
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 767
Location: Canada
Has thanked: 22 times
Been thanked: 108 times
Contact:

Hidden WordPress 5.5 Feature Blocks Rogue Plugins

Post by Accrete »

A heads up that some of your Wordpress sites might be broken due to a new feature in Wordpress 5.5 that was not announced:
The newly updated WordPress 5.5 contains a feature that prevents rogue plugins from taking over WordPress sites. The change allows a WordPress site to check if a plugin is legitimate or not and to block it from updating if it is flagged as blocked from updating.
Continued: Hidden WordPress 5.5 Feature Blocks Rogue Plugins
August 13, 2020 Search Engine Journal


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.
Advertisement
Advertisement
Accrete
Administrator
Posts: 1265
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 767
Location: Canada
Has thanked: 22 times
Been thanked: 108 times
Contact:

Re: Wordpress Related News

Post by Accrete »

If you are seeing users added to your Wordpress install this might be why:
Our team recently stumbled across an interesting example of malicious code used to add an arbitrary user inside WordPress.

The following code was detected at the bottom of the theme’s functions.php. It uses internal WordPress functions like wp_create_user() and add_role() to create a new user and elevate its role to “administrator:”
Persistent WordPress User Injection
August 28, 2020


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.
Accrete
Administrator
Posts: 1265
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 767
Location: Canada
Has thanked: 22 times
Been thanked: 108 times
Contact:

WordPress 5.5.1 Maintenance Release

Post by Accrete »

Time to check your plugins are compatible with this new maintenance update if you are on auto update:
WordPress 5.5.1 is now available!

This maintenance release features 34 bug fixes, 5 enhancements, and 5 bug fixes for the block editor. These bugs affect WordPress version 5.5, so you’ll want to upgrade.

You can download WordPress 5.5.1 directly, or visit the Dashboard → Updates screen and click Update Now. If your sites support automatic background updates, they’ve already started the update process.

WordPress 5.5.1 is a short-cycle maintenance release. The next major release will be version 5.6.

To see a full list of changes, you can browse the list on Trac, read the 5.5.1 RC1 and 5.5.1 RC2 posts, or visit the 5.5.1 documentation page.
WordPress 5.5.1 Maintenance Release
September 1, 2020


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.
Accrete
Administrator
Posts: 1265
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 767
Location: Canada
Has thanked: 22 times
Been thanked: 108 times
Contact:

Threat actors target WordPress sites using vulnerable File Manager install

Post by Accrete »

Those using File Manager plug in need to have a look at this:
Experts reported threat actors are increasingly targeting a recently addressed vulnerability in the WordPress plugin File Manager.

Researchers from WordPress security company Defiant observed a surge in the number of attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager.
Continued: Threat actors target WordPress sites using vulnerable File Manager install
September 11, 2020


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.
Accrete
Administrator
Posts: 1265
Joined: Fri Nov 08, 2019 12:44 am
Latest blog post: Have You Read the Webmaster Guidelines Yourself?
Answers: 1
Reputation: 767
Location: Canada
Has thanked: 22 times
Been thanked: 108 times
Contact:

Discount Rules for WooCommerce WordPress plugin

Post by Accrete »

Those using the Discount Rules for WooCommerce WordPress plugin are encouraged to apply a third update to correct a flaw in the plugin:
Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopefully) final patch.


E-commerce sites using the WordPress plugin Discount Rules for WooCommerce are being urged to patch two high-severity cross-site scripting flaws that could allow an attacker to hijack a targeted site. Two fixes for the flaws, first available on Aug. 22 and second on Sept. 2, failed to patch the problem.

A third round of patches for the bugs became available to customers on Sept. 9. On Thursday, the Wordfence Threat Intelligence researchers that were tipped-off to the vulnerabilities, publicly disclosed the flaws and offered a technical analysis....
Stubborn WooCommerce Plugin Bugs Get Third Patch
September 18, 2020


Yours truly,
Accrete Web Solutions

SEO troubleshooting and review services available. - Pm me.
Post Reply

Return to “WordPress”

Who is online

Users browsing this forum: No members and 16 guests