Security

Critical Vulnerabilities in Ninja Forms, The Events Calendar; & Safe Theme Update Strategies
High-risk vulnerabilities hit Ninja Forms and The Events Calendar, impacting more than a million sites, with several other widely-used plugins close behind. Stay protected and preserve your tweaks with our safe theme update strategies.
Continue Reading →
FluentForm, Post SMTP, OceanWP and More; & WordPress Rolls Out Telex AI Tool
High-profile plugins and themes remain vulnerable for another week. Meanwhile, WordPress is pushing forward with Telex, a new AI tool to lower the barrier to web development.
Continue Reading →
Major WordPress Plugins Under Fire; & Disaster Recovery Guide
This week sees several hugely popular plugins with vulnerabilities, including a sensitive data exposure vulnerability in the Gutenberg block plugin. From our blog, stay ready with the WordPress disaster recovery guide to help you bounce back if the worst happens.
Continue Reading →
Unpatched Critical Vulnerabilities; & How to Rescue Lost Content
Redirection for CF7 and WP Crontrol take centre stage in this week’s plugin threat landscape. Ever had a heart-stopping ‘Oops! Deleted!’ moment with WordPress content? Our recovery blog has your back.
Continue Reading →
Latest Plugin Vulnerabilities & Complete Staging Site Tutorial
Even minor issues in widely used WordPress plugins like Elementor, or ProfilePress can have a big impact. Stay informed with this selection and follow our staging site guide to create a safe testing environment.
Continue Reading →
Cracks in Leading Plugins Affect Millions; & Trojan Malware Alert; & WooCommerce Defense Advice
Millions of WordPress sites are under attack, thanks to weak spots in popular plugins and theme—and now the Efimer Trojan malware is joining the fight. Stay ahead with our roundup and WooCommerce safety guide.
Continue Reading →
AI Engine Vulnerability Tops Plugin Security Alerts
Following a short pause, we're back with critical WordPress security updates. This edition covers multiple popular plugin flaws—most notably, a sophisticated high-risk attack on the AI Engine plugin affecting thousands of sites.
Continue Reading →
More Elementor Vulnerabilities & the WCEU Countdown
We've got ongoing Elementor security issues this week, new AI moves from WordPress, and WCEU is right around the corner.
Continue Reading →
ShieldBACKUPS (beta) is live! & WooCommerce, Jetpack and More Bugs Threaten Millions;
It’s been a hectic week in WordPress security, with several top plugins flagged—TI WooCommerce Wishlist scoring a critical 10/10 and no patch in sight. We've released ShieldBACKUPS, and you can also check out our blog about the benefits of regular updates and safe update practices.
Continue Reading →How to Prevent and Detect WordPress Theme Hacks
Uncover hidden WordPress theme vulnerabilities and protect your site. Learn advanced techniques to detect, prevent, and recover from sophisticated theme hacks.
Continue Reading →