Activity log for WPForms 1.1: logs for integration of third party services & more!

https://wpactivitylog.com/activity-log-wpforms-1-1/

We are excited to announce a new update of Activity Log for the WPForms. With this extension for the WP Activity Log plugin you can keep a log of changes your team does on forms and the WPForms plugin settings. In this update we focused mostly on improving the coverage of the activity logs; WP Activity Log keeps a record of when a user integrates or removes an integration with a third-party service, changes the currency, or installs, activates or deactivates an addon in WPForms. Let’s dive right in to see what are the new event IDs for changes in […]

How to Fix WordPress White Screen of Death

https://blogvault.net/wordpress-white-screen-of-death/

Is the white blank screen on your website driving you nuts? The WordPress white screen of death (WSOD) is one of the most common errors. Unfortunately, it incites unwanted panic and frustration, especially if you haven’t faced it before. In the time spent trying to detect and fix it, you stand to lose visitors, traffic, […] The post How to Fix WordPress White Screen of Death appeared first on BlogVault – The Most Reliable WordPress Backup Plugin.

Fall 2020 New Product Updates!

https://s17528.pcdn.co/blog/fall-2020-product-updates/

Fall is here! Outside temperatures are settling down, teams are getting serious on 2021 strategy planning, and we’re all understanding how our jobs and products can evolve, and become even […]

How to Use WordPress User Roles for Improved WordPress Security

https://www.wpwhitesecurity.com/wordpress-user-roles-wordpress-security/

As a content management system, WordPress has a set user roles. In essence, these WordPress user roles define the capabilities (permissions to carry out specific website tasks) of each individual user on your website. As your site grows, it’s essential to understand those roles and capabilities to ensure the continued security of your website. Since assigning wrong user roles could lead to disastrous consequences. In this article, we’ll outline what user roles are (including custom roles), so you’ll know how to assign them correctly. We’ll also cover how to use WordPress plugins to manage and monitor the activity of your […]

Fortune 1000 Technology Insights

https://hackertarget.com/fortune-1000-technology-insights/

By using common Internet Security reconnaissance techniques, it is possible to develop insights into technologies used by the Fortune 1000 companies. A look at the technology stack of the companies main website, the Internet email gateway services, and the external name servers used by the companies primary domains provides a glimpse into the IT infrastructure. The http, smtp, and dns servers are hosted someplace. They may be within the companies own IP space or managed by third party cloud computing companies. Cloud computing adoption continues at a rapid pace, with Microsoft (Azure), Amazon (AWS), and Google (GCP) dominating the market. […]

WordPress Vulnerability Roundup: September 2020, Part 2

https://ithemes.com/wordpress-vulnerability-roundup-september-2020-part-2/

Quite a few new WordPress plugin and theme vulnerabilities were disclosed during the second half of September, making this one of our largest round-ups to date. In this post, we cover recent WordPress plugin, theme, and core vulnerabilities and what to do if you are running one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress plugins, and WordPress themes. In the September, Part 2 Report WordPress Core Vulnerabilities No WordPress core vulnerabilities were disclosed in the second of September. Just make sure you are running the […]

Critical Vulnerabilities Patched in XCloner Backup and Restore Plugin

https://www.wordfence.com/blog/2020/09/critical-vulnerabilities-patched-in-xcloner-backup-and-restore-plugin/

On August 14, our Threat Intelligence team discovered several vulnerabilities present in XCloner Backup and Restore, a WordPress plugin installed on over 30,000 sites. This flaw gave authenticated attackers, with subscriber-level or above capabilities, the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution on a vulnerable site’s server. Alternatively, an attacker could create an exploit chain to obtain a database dump due to the same unprotected AJAX endpoint, amongst other things. The plugin also contained several endpoints that were vulnerable to cross-site request forgery (CSRF). We initially reached out […]

How to fix HTTP 500 Internal Server Error in WordPress

https://blogvault.net/http-500-internal-server-error-wordpress/

Are you frustrated trying to fix the HTTP 500 Internal Server Error on your WordPress site?  You’re not alone. This is one of the most dreaded errors on WordPress because it never has a straightforward solution.  Troubleshooting can take a lot of time and meanwhile, your site is down. You lose visitors, traffic, SEO rankings, […] The post How to fix HTTP 500 Internal Server Error in WordPress appeared first on BlogVault – The Most Reliable WordPress Backup Plugin.

Episode 87: Vulnerabilities Affect Discount Rules for WooCommerce Plugin, ModSecurity & Windows

https://www.wordfence.com/blog/2020/09/episode-87-vulnerabilities-affect-discount-rules-for-woocommerce-plugin-modsecurity-windows/

Vulnerabilities were recently patched in the Discount Rules for WooCommerce plugin installed on over 40,000 WordPress sites. Developers from OWASP Core Rule Set said ModSecurity v3 is exposed to denial of service exploits, though the maintainers of ModSecurity reject that claim. A severe vulnerability called Zerologon in Windows Netlogon was patched in August; this bug could be exploited to attack enterprise servers. And a security researcher also discovered that the Windows TCPIP Finger command can also function as a file downloader and a makeshift command and control server. Last weekend, nearly 2,000 Magento stores were compromised in the largest hacking […]

How to log user activity on your website while employees are remote working

https://wpactivitylog.com/log-user-activity-remote-employees/

With the pandemic still very much a feature of working lives globally, the number of employees working remotely has dramatically surpassed pre-virus levels. Even after normality is hopefully restored at some point during 2021. It’s expected that at least 25-30% of employees will be working from home multiple days a week. Which begs the question, how can website-based businesses – which are particularly well-suited to remote working – manage their employees effectively during this period of ‘new normal’? In the case of a WordPress blog or eCommerce site, the easy answer is with the help of an employee activity log […]