Security Risk: Severe
Exploitation Level: Easy/Remote
DREAD Score: 9/10
Vulnerability: Privilege Escalation / Content Injection
Patched Version: 4.7.2

There is a Content Injection Vulnerability in WordPress versions 4.7 and 4.7.1. While working on WordPress, the Sucuri security team discovered a severe content injection vulnerability affecting the REST API in these two versions of WordPress. This…

Read the rest of this article…

Brute Force Attack

WordPress is the most popular site building tool in use today, which also makes sites built with it a target for hackers. And sometimes those sites are very easy targets when little or no security precautions are taken. Hack attacks come in various guises but one of the better known is the Brute Force…

Read the rest of this article…

Broken Links On A Website

This article will describe how to find broken links on a WordPress site and how to fix broken links. Later, I’ll look at what causes them, the consequences of having bad links on a site and why you should fix them as quickly as you can. What Are Broken Links? Your website may link to…

Read the rest of this article…

WordPress 4.6.1

A new version of WordPress (4.6.1) was released recently to address an important security flaw. WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename, reported by SumOfPwn researcher Cengiz Han Sahin; and a path traversal vulnerability in the upgrade package uploader, reported by Dominik Schilling from…

Read the rest of this article…

WooCommerce Plugin Security Vulnerability

The company that supervises WordPress and WooCommerce development, Automattic, has patched a persistent XSS (cross-site scripting) vulnerability in the WooCommerce e-commerce plugin for WordPress. This was an important and crucial fix as the vulnerability could potentially have affected over 1 million e-commerce stores built using the plugin on the WordPress blogging platform. This month (July,…

Read the rest of this article…

"All In One SEO Pack" Plugin Security Vulnerability

In an interesting development, it’s been found that there’s a security vulnerability in older versions of the popular All In One SEO Pack plugin. (Note: this plugin is not used in the blogs we build here at Top Design Blogs). The vulnerability allows an attacker to store malicious code in the website’s Admin panel that…

Read the rest of this article…

WordPress Redirect Hack

This email is to notify you of a malware campaign targeting WordPress websites, in which the attackers are injecting a highly conditional malicious redirect. It randomly affects your users, and pushes them to default7 (.)com / test0 (.)com / test246 (.)com domains, in which they then perform a Drive-by-Download attack on the user – targeting…

Read the rest of this article…

Using Affiliate Links Effectively On Your Blog

If you do affiliate marketing you’ll know that many affiliate links are long and ugly, containing what looks like a random mix of characters. When a visitor comes to your site and sees a link like that appear in their browser status bar, they can find it off-putting. The link may go to a site…

Read the rest of this article…

SEO in 2016

Adaptation is the name of the game in 2016 where SEO is concerned and here’s why: 1. Build Deep Links Not Wide Links. You’ve probably noticed that the area available to actual search results on Google’s results page is getting smaller and smaller as Google adds more ads and prioritizes its own content (or content…

Read the rest of this article…

WordPress Hacked

Over the last few weeks, I’ve seen the number of hacking attempts on my sites increase. I get literally hundreds, if not thousands, of alerts from my sites letting me know about Brute Force Attacks, most of which involve someone firing numerous login attempts at my WordPress blogs in the hopes they’ll get access. While…

Read the rest of this article…