WordPress Managed Hosting - 40% Off For 4 Months - Coupon Code: BFCM2021 Avail Now

WordPress Weekly News 005: Security Breaches, Vulnerabilities and much more

Moeez — February 9, 2017 3 Minutes Read

Hello WordPress friends time for me to bring you a whole bunch of news from the world of WordPress. It hasn’t been the best week for WordPress with bugs affecting thousands of WordPress websites.

Let’s see what we have in store for you in this week’s WordPress roundup!

Update Your WordPress Now

A bug was recently discovered in WordPress where a hacker could alter a website’s content. The web security firm Sucuri identified the bug earlier this year. It wasn’t announced until last week when WordPress finally rolled out 4.7.2 to fix the bug.

The bug, REST API Endpoint, somehow enabled hackers to change a website’s content. The hackers can also use short codes to inject ads and infect site with SEO spam campaign.

It is reported that around 67,000 websites were hacked in two weeks’ time, but WordPress has somehow managed to fix it before more damage is done

SSL is taking over the internet!

More than 50% of page loads are encrypted according to Mozilla Telemetry. Let’s Encrypt reported this milestone on its Twitter account.

Not only Mozilla, but also Google’s Transparency Report shows that half of the internet traffic is encrypted.

This means modern SSL solutions, like Let’s Encrypt and Cloudflare, are making it easier for website owners to deploy encryption on internet traffic.

WP-CLI 1.1.0 Released

WP-CLI 1.1.0 is now available which includes 23 command improvements and it comes just two months after 1.0.0. The 1.1.0 comes with 8 framework enhancements and other bug fixes.

Daniel Bachhuber, the project maintainer, shifted the focus to package ecosystem to better distribute the maintenance burden.

CLI 1.1.0 had around 16% increased contributors when compared to 1.0.0. The project is looking for helpers for project’s maintenance.

BlogVault Security Issue

BlogVault recently encountered a security breach. User websites were attacked by malware after being accessed without authorization. The WordPress backup service immediately started an investigation to figure out the issue.

In light of this event, the founder of BlogVault Akshat Chaudhary made an official statement ensuring customers of the precautionary measures BlogVault is taking to curb the situation. The backup provider has released an update to the affected plugin that patches the problem.

WP Super Cache fixes vulnerabilities

The super-fast caching engine releases update to fix multiple XSS vulnerabilities. 1.4.9 was released this week that fixes cross site scripting vulnerabilities.

An anonymous visitor cannot access the settings page and steal your login cookies. Along with patching vulnerabilities, the update also has a fix for people who host multiple sites using the plugin.

StudioPress Sites just made your life much easier!

StudioPress Sites has come up with a solution which will let you worry about everything other than your WordPress website. It is an all round solution which will take care of hosting, security and much more.

It is focused on people who are too busy to care about their WordPress website. If you are one of them, then this service is just for you.

WordPress tutorials and tips

How to Configure Google Search Console on WordPress

Top 6 WordPress mailing list building plugins that you should know about in 2017

That is all from this week’s WordPress roundup. Do share in the comments what I have missed out.

Create Faster WordPress Websites!

Free eBook on WordPress Performance right in your inbox.


    Create Faster WordPress Websites!

    Free eBook on WordPress Performance right in your inbox.

      Moeez is ‘The’ blogger in charge of WPblog. He loves to interact and learn about WordPress with people in the WordPress community. Outside his work life, Moeez spends time hanging out with his friends, playing Xbox and watching football on the weekends. You can get in touch with him at moeez[at]wpblog.com.

      THERE'S MORE TO READ

      Newsletter

        WordPress Help Zone - Ultimate WordPress Pit-Stop

        Learning WordPress? Or are you expert enough to help others? Join our WP Facebook group!