May 13, 2024 by Paul G. | Blog, Security, ShieldNOTES

ShieldNOTES Ep#13: Yoast Vulnerability, A Reminder, Fake E-Commerce & Free Page Builder Summit

We’re halfway through May already… where has 2024 gone?!
We hope you’re having a great month so far! 🙂

#1 – Vulnerabilities: Yoast SEO

With 5+ million installations, you can expect this to be exploited.

How will I know I’m okay?
Upgrade ASAP to v22.6+

What’s the risk?
XSS allows unauthenticated attack to inject malicious code into your site!

Editor Comment
Please use ShieldPRO’s auto-upgrade feature for vulnerable plugins.

More Info →

#2 – Vulnerabilities Reminder : LiteSpeed Cache

We sent a notice out about this some time ago, but with 5+ million installs, active exploitation is underway!

How will I know I’m okay?
Upgrade ASAP to v5.7.0.1+

What’s the risk?
Unauthenticated XSS allows unauthenticated attack to inject malicious code into your site!

Editor Comment
Please use ShieldPRO’s auto-upgrade feature for vulnerable plugins.

More Info →

#3 – Fake E-Commerce Stores Scam

850,000+ customers already fallen victim to fake webshops.

What’s the Risk?
A network of 10,000s webshops stealing customer credit card data.

How to mitigate the risk?
It’s as we always say, be skeptical and double-check what you’re buying and where you’re buying it from. If it’s a deal that’s too good to be true, it probably is. You can also try using this (German) site to check if a site is legit.

Editor Comment
Our advice is “Trust No-one (with your credit card)!”, or at the very least, “Trust, but Verify”.

More Info →

#4 – Page Builder Summit

If you love page builders, this free online conference is for you!

Free Access To Online Summit
It can never do any harm to checkout what’s out there that you might have missed, to improve your WordPress page building and further optimise your sites.

More Info →

Thanks for reading, and have a great week!

Paul Goodchild
Shield Security for WordPress

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials
@rock12345's Gravatar @rock12345

All-in-One – Done Well

Glad to tout this plugin. It replaced several other plugins (that didn’t do as good a job on comment spam, firewall and controlling automatic updates). Simple Firewall does all of them better than some of the best dedicated plugins. Thank yoou !

@afperry's Gravatar @afperry

My preferred option

Excellent. My preferred option after trialling six other well-known freebies (all good but all different).

@normsash's Gravatar @normsash

Could this replace multiple plugins?

Update: Things are still looking great with Shield! On all of my sites I have traditionally used a combination of plugins to enforce security and hack protection. Recently I’ve been testing out Shield to see if I could replace all/most of my traditional plugins with just Shield. So far, things…

@auralsolutions's Gravatar @auralsolutions

Simple to use, but powerful and full featured

This plugins allows all of our sites to be secured against attacks and it does it pretty well. It’s not difficult to configure and has many very good protection layers for your WordPress intall. Really recommended.

Comments (2)

    I have this security feature in my wordpress for a few years now. Lately I had someone altered the way shield security works, today I made an update and changed my security password and was locked out.
    There are multiple warnings about shield functions being opened or unrestricted, and I can’t do anything about it. My recently updated password it is not recognized.

Leave a Comment

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese