ShieldNOTES Ep#4: Your Monday Morning Security Notes

March 10, 2024 by Paul G. | Security, ShieldNOTES

This week: a few more big vulnerabilities to look-out for, a piece from our archives, and the WCAsia livestreams.

#1 – Vulnerability: File Manager Free & Pro

Both the free & pro versions have serious vulnerabilities, with millions of installs, so make sure you’re on top of this one.

How will I know I’m okay?
Upgrade the plugin to at least v8.3.5

Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.

More Info →

#2 – Vulnerability: Avada Theme

This scores a horrible 9.9/10 in severity, where it lets the attacker upload any file to your site.

How will I know I’m okay?
Upgrade the plugin to at least v7.1.1.5

Editor Comment
If you use ShieldPRO’s automatic upgrader for vulnerable plugins/themes, this will be done automatically for you.

More Info →

#3 – 27+ Vulnerabilities (from the archives)

Still one of our most popular articles: 27+ WordPress vulnerabilities and what to do about them.

Why is this helpful?
It’s useful to start to become aware of what risks you and your WordPress sites really face.

Editor Comment
An ounce of prevention is worth a pound of cure, as the saying goes. Keeping security always in the back of your mind, and consider ways to mitigate risk before it’s an issue is a good security strategy.

More Info →

#4 – WordCamp Asia 2024 LiveStreams

In case you missed it, you can catch-up on WCAsia 2024 with all the livestreams.

Q&A With Matt
There’s also a Q&A with Matt Mullenweg here.

Editor Comment
All the livestreams are available on the WordPress Youtube channel. They’re long, so you may want to look up the schedule to help you pinpoint the talks that interest you.

More Info →

Have a fantastic week!

Paul Goodchild
Shield Security for WordPress

Hello dear reader!

If you want to level-up your WordPress security with ShieldPRO, click to get started today. (risk-free, with our no-quibble 14-day satisfaction promise!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and much, much more.

We'd be honoured to have you as a member, and look forward to serving you during your journey towards powerful, WordPress security.

Try ShieldPRO Today →

ShieldPRO Testimonials

@teunbakker

Great plug-in so far

I came from Wordfence (they’ve changed their focus), and was looking for a good security plug-in that woudl also allow two-step-authentication (2FA) as an extra security measure during login. Enter Shield: So far it’s worked completely worry-free and 2FA works great with google authenticator. Highly recommended.

@arissports

Great Plugin

Great plugin doing what it supposed to do.

@kaenor

Does its job perfectly, easy to use

This plugin is pretty straightforward, self-explaining, and easy to understand. Now it’s one of the plugins I install on every new WordPress site. Before I found it, I had to use several other plugins to do parts of what Shield achieves.

@connexuses

The Best

Great Plugin

ESSENTIAL WORDPRESS SECURITY NEWS

Get ShieldNOTES, our excellent weekly WordPress security newsletter!

ShieldNOTES Ep#4: Your Monday Morning Security Notes

#1 – Vulnerability: File Manager Free & Pro

#2 – Vulnerability: Avada Theme

#3 – 27+ Vulnerabilities (from the archives)

#4 – WordCamp Asia 2024 LiveStreams

Great plug-in so far

Great Plugin

Does its job perfectly, easy to use

The Best

Leave a Comment Cancel reply

Related Stories

ShieldNOTES Ep#7: AT&T, WP Migrate & The xz Backdoor

ShieldNOTES Ep#26: Many High-Risk Plugins & our Blog: WordPress Backdoor Threats

ShieldNOTES Ep#9: WP 6.5.2, Shield Upgrades & Elementor SPAM

ESSENTIAL WORDPRESS SECURITY NEWS