by Kim Kuhlman | Feb 25, 2019 | Security |
WordPress 5.1 Dropped Last Week WordPress vulnerabilities in WP Core through version 5.0.3 have been published by US-CERT. One allows a Path Transversal in the wp_crop_image() variable. This flaw has been present in WordPress for a long time. If you’ve made...
by Kim Kuhlman | Jan 22, 2019 | Security |
January 28th is Data Privacy Day! Data Privacy Day (DPD) will be held on January 28th, 2019. It is an annual effort to promote data privacy awareness and education. DPD 2019 is sponsored by the National Cyber Security Alliance (NCSA), focus around the theme, A New Era...
by Kim Kuhlman | Apr 12, 2018 | Security |
Just now on CBS This Morning, I learned that Cloudflare, a well-known CDN provider, had launched it’s new 1.1.1.1 DNS network on April 1, 2018. Yeah, I’m a little late to the party, but better late than never. 1.1.1.1 Cloudflare DNS could potentially...
by Kim Kuhlman | Mar 6, 2018 | Security |
Another week gone and more WordPress vulnerabilities to report. See US-CERT Bulletin (SB18-064) for more information. This week it’s two VERY popular plugins (1M active Installations), both of which I use on almost all of my websites. The first is iThemes...
by Kim Kuhlman | Feb 26, 2018 | Security |
In a never-ending quest to get webmasters to think about WordPress security, here is the latest update from the U.S. Dept. of Homeland Security’s National Cyber Awareness System. There were five new vulnerabilities discovered in four plugins in the WordPress...
by Kim Kuhlman | Dec 23, 2017 | Security |
I’m very excited to announce that I’ll be speaking on basic WordPress Security at WordCamp Albuquerque on January 19th, 2018. This was a very busy week when it comes to hackers attacking WordPress websites. I talk to people about WordPress security best...
by Kim Kuhlman | Feb 4, 2017 | Security |
You may be thinking, “Who in the world would want to hack my lowly little WordPress website?” Well 48 hours worth of data from a brand spanking new WordPress website may just show you. I installed a fresh copy of WordPress on a new domain on February 1, 2017. By...
by Kim Kuhlman | Dec 2, 2016 | Security |
SSL Certificates are Now Required by Chrome Update: January 9, 2017 Google has finally rolled out changes in Chrome that make the fact that you don’t have an SSL Certificate glaringly obvious to your visitors. Elegant Themes has posted a nice piece about it,...