ShieldNOTES
High-Stakes Plugin Risks & Mastering X-XSS-Protection
This week, Everest Forms tops the vulnerability list again. We’re taking a closer look at what needs patching, how to tighten defenses with X-XSS-Protection, and what’s ahead for WordPress developers.
Continue Reading →
WordPress Vulnerabilities, Malware Threats; & Recovery Guide
From unpatched vulnerabilities to hidden malware in the ‘mu-plugins’ directory, this roundup covers recent WordPress security threats, with a link to our recovery guide in case things go wrong.
Continue Reading →
Recent WordPress Risks; & Improve HSTS Security
New WordPress vulnerabilities in plugins and themes, including persistent Elementor issues, have surfaced this week. We also have a blog article that walks you through HSTS security for your sites.
Continue Reading →
Critical WordPress Threats; & Shield Your Comment Forms
A wave of security risks is hitting countless WordPress sites this week, fueled by WP Ghost, while DollyWay malware continues to target thousands. Explore our blog for smarter solutions to fight spam and protect your comment forms.
Continue Reading →
Unmasking Hidden Risks in Plugins & Themes; Catch and Crush Malware
WordPress plugins and themes, both big and small, continue to hide security risks—one affects 5+ million installs. Plus, discover how to spot and tackle malware threats.
Continue Reading →
Weekly Vulnerabilities; Trust-Building and Performance Strategies
This is a fresh roundup of plugin and theme vulnerabilities with key maintenance steps to keep your WordPress site secure, reliable, and performing at its best.
Continue Reading →
Some vulnerable plugins removed from WP.org; & the ‘Security Through Obscurity’ myth
There's a few ultra critical vulnerabilities this week, with some removed from the WP repo. You can check out the upcoming WP virtual conference and uncover the "Security Through Obscurity" myth from our blog archive.
Continue Reading →
Ongoing Attacks on Major Plugins, Millions Exposed; & Best Practices for Handling WordPress Automatic Updates
While it's a calm week in WordPress security, high-traffic plugins like Elementor, SVG Support continue to be targeted, affecting millions. We're also sharing one of our blog articles on best practices for balancing control and security in WordPress automatic updates.
Continue Reading →
Recurring Vulnerabilities in Avada, Forminator, Rank Math SEO; X-Frame Guide for Advanced User Security
Security patches are required for a few widely used plugins and themes with recurring vulnerabilities, including the Widget Options plugin having a high severity and no fix yet. Don’t miss the latest WordPress news and X-Frame options guide for advanced security, from our blog archive.
Continue Reading →
High Risk Plugins; & Expert Advice for Faster, Safer WordPress Sites; & 2.5 Billion Gmail Accounts at Risk
Today, we cover the latest plugin security risks, including a few severe vulnerabilities in popular plugins, and recurring issues with WPForms. Expert tips for further securing and optimizing your WordPress sites are at the end, along with a Google warning about an AI-driven Gmail phishing attack.
Continue Reading →