CMS Blog

Businesses often incorporate open-source software without taking the "finishing" steps needed to adequately harden the server or software. We examine 8 of the most common security mistakes made.

Do not presume that WordPress’ most popular plugins are stable and secure. Even when flaws are identified and addressed by developers, it remains the website owner’s responsibility to install updates as soon as they become available.

Here are some of the factors that make your WordPress website more attractive to hackers, as well as indicators that a threat actor may already be trying to hack into your site.

WordPress's new "white screen of death" security feature is scheduled for release in patch 5.1. Problem is, it may make WordPress sites more vulnerable.

Recent news from the security world of WordPress is that a botnet of over 20,000 compromised WordPress websites is being used to attack other WordPress websites.

A massively popular WordPress multilingual plugin was hacked by a former employee who sent a mass email warning of security vulnerabilities. The plugin — WPML (or WP MultiLingual) — is an extremely popular (+600,000 active installations) paid plugin.

Recently, AMP for WP was subjected to a massive security vulnerability that put all +100,000 of its users at risk  —  you NEED to update your plugin ASAP!

To say that WordPress is popular would be an understatement. Over 30% of websites trust WordPress as their CMS. But, what happens when the world's most popular CMS isn't safe?

The AMP and GDPR plugin vulnerabilities discuss in this blog post have Ajax hook issues. Anyone with these plugins installed needs to update their website

The big news this week is the discovery of an exploit in the jQuery File Upload plugin - the second most downloaded jQuery-related project on Github