April 22, 2024 by Paul G. | Security, ShieldNOTES

ShieldNOTES Ep#10: How We Host Our Site, Forminator XSS and CSS Email Phishing

Today’s items are a mix of many different topics we felt you’d find interesting.

#1 – Forminator XSS Vulnerability

Not the highest severity, but upgrade asap.

How will I know I’m okay?
Upgrade Forminator to v1.29.3+

What about Forminator SPAM?
If you want to cut down on SPAM in your Forminator forms, consider using ShieldPRO’s bot-blocking feature. It’s a simple checkbox in your settings.

Editor Comment
We say it each week, but it’s important – please use ShieldPRO’s auto-upgrade feature for vulnerable plugins.

More Info →

#2 – Shield Security Now Hosted with Convesio

You may have noticed how fast Shield’s website is running, recently.

What did we do?
We were managing our site hosting in-house. We just migrated to Convesio.

Why did we move?
We trialled with them for a couple of weeks and after experiencing their stellar support, we couldn’t resist 🙂

Not only that, their hosting technology is top-notch, and we take hosting quality, security and performance seriously.

More Info →

#3 – Email Phishing on HTML Emails using CSS

We wanted to share with you an interesting and altogether clever means of hiding phishing emails within HTML emails.

What’s The Issue?
Attackers can embed phishing content within HTML emails that are only displayed to recipients of the forwarded email.

How Can I Stay Safe?
The rule is always, always remain vigilant. Even if you receive an email from someone you trust, don’t mindless click links within it (it’s easily done!). Take a moment and review the content, and if you’re in doubt, browse to the purpoted website yourself, without using the link provided in email.

Stay vigilant!

Editor Comment
We’re sharing this to remind our members that security and risks are always evolving and the best defense is to try and remain hyper vigilant, particularly of your emails & SMS. Anything that is sent to you should be suspect.

More Info →

Thanks for reading, and have a wonderful week!

Paul Goodchild
Shield Security for WordPress

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials
@barrywade's Gravatar @barrywade

Great Product. Never had any problems

I use both the paid and free product and have found both easy to use and comprehensive. I have used other security products but after testing I prefer Shield. I have the paid version on a multisite set up and it works seamlessly. The flexibility it offers is great, with…

@bookwebber's Gravatar @bookwebber

A must have plugin

I’m actually on V 4.2 – not listed. My website is visited by lots of people in the US and other countries, so I feel like I need to protect it from malware or other destructive invaders. Simple Firewall gives me protection, and the Support Staff are very helpful –…

@cagor's Gravatar @cagor

cel mai bun asta fara reclama !!!!

Am incercat sa instalez mai multe tipuri de plugin de securitate pe siteul meu…pina la o mie vizitatori totul era ok dar cind siteul a crescut cele mai multe pluginuri (nu numai cele de securitate) au inceput sa-mi faca probleme (siteul se bloca, se bloca si serverele hostingului , erori…

@traceybarron's Gravatar @traceybarron

Fantastic Plugin with great support

I’ve used this plugin on many sites for some time now. It’s fantastic. Not only has it helped keep out any security threats, it’s a great way to check the audit trail of what’s been going on on our sites. It’s super configurable too. The support is great as well.…

Leave a Comment

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese