• How to Secure Your Website: Top Tips From Enterprise Security Experts

    What tools do you really need to secure a website? How to stay on budget without compromising. The most serious threats and vulnerabilities. More

  • Unauthenticated Stored XSS Fixed in WordPress Core

    WordPress Core recently released v6.5.2, fixing a Stored Cross‑Site Scripting issue in the Avatar block present in the 6.x versions. While investigating the patch made, we identified that it could lead to an Unauthenticated Stored Cross‑Site Scripting issue in the worse case scenario, however this case requires a specific configuration. Versions 6.5.2, 6.4.4, 6.3.4, 6.2.5, 6.1.6 More

  • What is an SQL Injection (SQLi)? How to Prevent SQLi Attacks

    Are your systems vulnerable? Everything you need to know about SQL injection attacks. See examples and learn how to detect and prevent them. More

  • The 16 Most Common Web Application Vulnerabilities Explained

    Did you know about all of these web application vulnerabilities? See how to defend against most threats in just 5 steps. Top tools for experts. More

  • 20 Website Security Services and How to Choose the Right One

    Which website security services do you really need? The most cost-effective solutions and the go-to tool enterprise experts use for threat analysis. More

  • Penetration Testing vs Vulnerability Scanning: Key Differences Explained

    Do you need both? Which is more cost-effective? Compare the benefits of penetration testing vs vulnerability testing & the best tools for strong results More

  • File Inclusion Vulnerability Fixed In Essential Blocks 4.4.3

    During an analysis of the Essential Blocks plugin, we discovered a pretty serious Local File Inclusion vulnerability that can be exploited by any attackers, regardless of whether they have an account on the site. When successfully exploited, this vulnerability may let attackers include arbitrary files hosted on the server to be parsed and executed as PHP More

  • Hardening WordPress: 26 Steps to Harden WP Like an Expert

    The 8 foundational security measures you need to know. Understand the threat landscape & how to harden WordPress to protect your most important assets. More

  • Stored XSS Fixed In WP Go Maps 9.0.28

    During an analysis of the WP Go Maps plugin (formerly WP Google Maps), we discovered a pretty serious Stored XSS vulnerability that can be exploited by any attackers, regardless of whether they have an account on the site. When successfully exploited, this vulnerability may let attackers perform any action the logged‑in administrator they targeted is allowed More

  • Stored XSS Fixed In Popup Builder 4.2.3

    During an analysis of the Popup Builder plugin, we discovered a pretty serious Stored XSS vulnerability that can be exploited by any attackers, regardless of whether they have an account on the site. When successfully exploited, this vulnerability may let attackers perform any action the logged‑in administrator they targeted is allowed to do on the targeted More