All websites running WordPress urged to update NOW

Millions of websites running WordPress are being strongly urged to update to the latest version of the popular content management system as soon as possible, after a serious security vulnerability was uncovered.

“Today, a significant SQL-Injection vulnerability was fixed in WordPress 4.8.3. Before reading further, if you haven’t updated yet stop right now and update.”

Read more… https://www.welivesecurity.com/2017/11/01/wordpress-update-now/

WordPress: block anonymous Rest API access

The most recent version of WordPress ships with new REST API capabilities which plugins, apps, services, or the WordPress core can utilize.

The WordPress development team pushes new features to WordPress all the time. Many of those features improve the functionality of WordPress significantly.

Every now and then though, features get added that are problematic from an admin or user point of view.  The main issue with the bulk of these changes is that they cannot be disabled easily. I have disabled Emojis and XML-RPC here on this site for instance.

Read More … https://www.ghacks.net/2016/12/27/wordpress-block-anonymous-rest-api-access-information-leak/
 

 

How WordPress Ate The Internet in 2016… And The World in 2017

WordPress is the most popular CMS in the world and is used by nearly 75 million websites. According to WordPress, more than 409 million people view more than 23.6 billion pages each month and users produce 69.5 million new posts and 46.8 million new comments every month. It also powers more than 25% of the world’s websites.

Read more… http://www.forbes.com/sites/montymunford/2016/12/22/how-wordpress-ate-the-internet-in-2016-and-the-world-in-2017/

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability.

WordPress version 4.7.2 was released on January 26 as a security update, but the accompanying release notes only mentioned fixes for three moderate risk vulnerabilities, one of which did not even affect the platform’s core code.

http://www.csoonline.com/article/3164554/security/wordpress-silently-fixes-dangerous-code-injection-vulnerability.html

 

How to keep your WordPress Site protected

WordPress holds the lion’s share (possibly as high as 59.3 percent) of systems used for running business websites online today. Unfortunately, being at the top of the charts in popularity also makes this open-source tool a top hacking target. It makes sense. If you can hack a platform like WordPress,

Read the complete story: http://www.goshennews.com/news/business/how-to-keep-your-wordpress-site-protected/article_b9e4d74b-7143-5c29-8d38-a258a497178c.html

WordPress Websites Being Assaulted Through Fresh 0-Day within Plugin for WP Mobile Detector

Security patch was issued for certain WordPress plugin on 2nd June, 2016 after nearly a week when reports emerged about public assaults exploiting a zero-day flaw.

When the public assaults started, the WP Mobile Detector had to be withdrawn from the Plugin Directory of WordPress. However, on the 2nd, it was

Read the complete story: http://www.spamfighter.com/News-20313-WordPress-Websites-Being-Assaulted-Through-Fresh-0-Day-within-Plugin-for-WP-Mobile-Detector.htm

How to set up two-step authentication for WordPress.com

Continuing our series on setting up two-factor authentication (2FA), today let’s check out how to get 2FA enabled on your WordPress.com account.

An important thing to note: This guide is specifically for WordPress accounts used via WordPress.com – NOT for self-hosted WordPress sites. (There are 2FA plugins you can install on your self-hosted

Read the complete story: https://nakedsecurity.sophos.com/2016/07/11/how-to-set-up-two-step-authentication-for-wordpress-com/

7 Ways to Optimize Your WordPress Website

WordPress is considered an excellent platform for budding entrepreneurs to create websites for their startup or small business. This content management service (CMS) is used by millions of business owners who live in every corner of the world. More than 400 million websites worldwide are powered by WordPress, including more than 100 million in the United States. WordPress sites around the world publish posts every 17 seconds. Most of the top one million websites in the world are powered by WordPress and related to business. These facts clearly show the significance of WordPress as a content management service for businesses of all sizes.

Read more … http://www.entrepreneur.com/article/251504

 

5 Tips for Designers New to WordPress

WordPress design opens huge possibilities for both designers and developers. What’s more, you can bet this isn’t just a passing fashion. WordPress is really great and it’s definitely here to stay.

If you haven’t jumped on the WordPress wagon by now, you’ve certainly missed a lot. Don’t worry, it’s never too late to join. If you’re a designer (be it graphic or web) and you’re considering switching to WordPress, here is some advice to help designers new to WordPress.

Read more … http://www.sitepoint.com/designers-new-to-wordpress/