plugin
-
Blog
Security plugin flaw in millions of WordPress sites gives admin access
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin ‘Really Simple Security’ (formerly ‘Really Simple SSL’), including both free and Pro versions. Really Simple Security is a security plugin for the WordPress platform, offering SSL configuration, login protection, a two-factor authentication layer, and real-time vulnerability detection. Its free version alone is used in over four million websites. Wordfence,…
Read More » -
Blog
Electric Vehicles & Plug-In Hybrids Qualifying for Federal Tax Credit
To qualify for a tax credit of up to $7,500, a new EV or eligible plug-in hybrid vehicle (PHEV) must meet certain rules: • A vehicle’s MSRP must not exceed certain limits, so pricey EVs like the GMC Hummer EV, Lucid Air, and Tesla Model S won’t qualify. For SUVs, pickup trucks, and vans, the threshold is $80,000. For sedans,…
Read More » -
Blog
/cdn.vox-cdn.com/uploads/chorus_asset/file/25654314/STK302_WORDPRESS_C.jpg)
WordPress.org’s latest move involves taking control of a WP Engine plugin
WordPress.org has taken over a popular WP Engine plugin in order “to remove commercial upsells and fix a security problem,” WordPress cofounder and Automattic CEO Matt Mullenweg announced today. This “minimal” update, which he labels a fork of the Advanced Custom Fields (ACF) plugin, is now called “Secure Custom Fields.” It’s not clear what security problem Mullenweg is referring to…
Read More » -
Blog
Jeep Grand Cherokee, Wrangler Plug-In Hybrids Recalled for Fire Risk
Vehicles Recalled • Jeep Wrangler 4xe SUVs manufactured between July 1, 2020, and Nov. 16, 2023.• Jeep Grand Cherokee 4xe SUVs manufactured between May 17, 2021, and Nov. 16, 2023. The problem: Separator damage within the high-voltage battery pack may lead to a vehicle fire. Jeep is investigating the root cause of the problem along with Samsung SDI, the battery manufacturer.…
Read More » -
Blog
Malware infiltrates Pidgin messenger’s official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks. The plugin was promoted as a screen-sharing tool for secure Off-The-Record (OTR) protocol and was available for both Windows and Linux versions…
Read More » -
Blog
Hackers are exploiting critical bug in LiteSpeed Cache plugin
Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public. The security issue is tracked as CVE-2024-28000 and allows escalating privileges without authentication in all versions of the WordPress plugin up to 6.3.0.1. The vulnerability stems from a weak hash check in…
Read More »
