The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: WordPress SEO

How Activity Logs Help WordPress Admins Better Manage Website Security

How Activity Logs Help WordPress Admins Better Manage Website Security

August 20, 2019The Hacker News
Managing a WordPress website can sap a lot of your time and energy, which otherwise you'd spend on managing your business. If you're looking to cut down on the hours, you spend troubleshooting WordPress technical and security problems, better managing and monitoring your website and users, or your customers, you need a WordPress activity log plugin . This post explains how to use the WP Security Audit Log plugin to keep a WordPress security audit log (aka activity log). It also highlights five ways an activity log helps you better manage your website and users and improve its security. WordPress Security Audit Logs - Introduction and Benefits An activity log is a record of everything that happens on your WordPress website. This includes a record of plugins, themes, and WordPress core changes, users activity (such as content changes), site settings changes, break-in attempts, WooCommerce store, and product changes, and everything else that happens on your website. WordP
Thousands of WordPress Sites Hacked Using Recently Disclosed Vulnerability

Thousands of WordPress Sites Hacked Using Recently Disclosed Vulnerability

February 07, 2017Swati Khandelwal
Last week, we reported about a critical zero-day flaw in WordPress that was silently patched by the company before hackers have had their hands on the nasty bug to exploit millions of WordPress websites. To ensure the security of millions of websites and its users, WordPress delayed the vulnerability disclosure for over a week and worked closely with security companies and hosts to install the patch, ensuring that the issue was dealt with in short order before it became public. But even after the company's effort to protect its customers, thousands of admins did not bother to update their websites, which are still vulnerable to the critical bug and has already been exploited by hackers. While WordPress includes a default feature that automatically updates unpatched websites, some admins running critical services disable this feature for first testing and then applying patches. Even the news blog of one of the famous Linux distribution OpenSUSE (news.opensuse.org) was
'WordPress SEO by Yoast' Plugin Vulnerability Affects Millions

'WordPress SEO by Yoast' Plugin Vulnerability Affects Millions

March 11, 2015Mohit Kumar
A critical vulnerability has been discovered in the most popular plugin of the WordPress content management platform (CMS) that puts tens of Millions of websites at risks of being hacked by the attackers. The vulnerability actually resides in most versions of a WordPress plugin known as ' WordPress SEO by Yoast ,' which has more than 14 Million downloads according to Yoast website, making it one of the most popular plugins of WordPress for easily optimizing websites for search engines i.e Search engine optimization (SEO). The vulnerability in WordPress SEO by Yoast has been discovered by Ryan Dewhurst , developer of the WordPress vulnerability scanner ' WPScan '. All the versions prior to 1.7.3.3 of 'WordPress SEO by Yoast' are vulnerable to Blind SQL Injection web application flaw, according to an advisory published today. SQL injection (SQLi) vulnerabilities are ranked as critical one because it could cause a database breach and lead to confidential information
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.