ShieldNOTES Ep#13: Yoast Vulnerability, A Reminder, Fake E-Commerce & Free Page Builder Summit

May 13, 2024 by Paul G. | Blog, Security, ShieldNOTES

We’re halfway through May already… where has 2024 gone?!
We hope you’re having a great month so far! 🙂

#1 – Vulnerabilities: Yoast SEO

With 5+ million installations, you can expect this to be exploited.

How will I know I’m okay?
Upgrade ASAP to v22.6+

What’s the risk?
XSS allows unauthenticated attack to inject malicious code into your site!

Editor Comment
Please use ShieldPRO’s auto-upgrade feature for vulnerable plugins.

More Info →

#2 – Vulnerabilities Reminder : LiteSpeed Cache

We sent a notice out about this some time ago, but with 5+ million installs, active exploitation is underway!

How will I know I’m okay?
Upgrade ASAP to v5.7.0.1+

What’s the risk?
Unauthenticated XSS allows unauthenticated attack to inject malicious code into your site!

Editor Comment
Please use ShieldPRO’s auto-upgrade feature for vulnerable plugins.

More Info →

#3 – Fake E-Commerce Stores Scam

850,000+ customers already fallen victim to fake webshops.

What’s the Risk?
A network of 10,000s webshops stealing customer credit card data.

How to mitigate the risk?
It’s as we always say, be skeptical and double-check what you’re buying and where you’re buying it from. If it’s a deal that’s too good to be true, it probably is. You can also try using this (German) site to check if a site is legit.

Editor Comment
Our advice is “Trust No-one (with your credit card)!”, or at the very least, “Trust, but Verify”.

More Info →

#4 – Page Builder Summit

If you love page builders, this free online conference is for you!

Free Access To Online Summit
It can never do any harm to checkout what’s out there that you might have missed, to improve your WordPress page building and further optimise your sites.

More Info →

Thanks for reading, and have a great week!

Paul Goodchild
Shield Security for WordPress

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials

@mikyo

Easy to setup

Easy to setup and easy to use.

@netmaus

Sehr gut

Sehr gutes Plugin

@physisbrasil

BEST FIREWALL AND GOOD SUPPORT

I am Helio from Brazil. Recently searched for a plug-in for WordPress Firewall and opted to use Simple Firewall. It’s a great plug in, and has good support from the developer, sir Paul I use and recommend to everyone.

@edwin-1

Great plugin

Great plugin which seems to work very well. Difficult for me to check what is really going on in the background because I do not have the knowledge for that. So what I can see directly is that it blocks a lot of hacking attempts and that makes me very…

Comments (2)

giulofiglio.com

May 13, 2024 6:54 pm

I have this security feature in my wordpress for a few years now. Lately I had someone altered the way shield security works, today I made an update and changed my security password and was locked out.
There are multiple warnings about shield functions being opened or unrestricted, and I can’t do anything about it. My recently updated password it is not recognized.