![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
What To Know About Medium-Level WordPress Vulnerabilities
The facts about medium-level vulnerabilities and whether they’re something to worry about
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
2024 WordPress Vulnerability Report Shows Errors Sites Keep Making
2024 WordPress vulnerability report shows top reasons why many WordPress sites were compromised over the past year
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Discovers XSS Vulnerability – Recommends Updating To 6.5.2
WordPress recommends updating to version 6.5.2 to patch an XSS vulnerability
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
XSS Vulnerability Affects Beaver Builder WordPress Page Builder
Vulnerability discovered in the Beaver Builder WordPress page builder that can enable an attacker to inject a malicious script
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Backup Plugin DoS Vulnerability Affects +200,000 Sites
A high severity Denial of Service vulnerability patched in WordPress backup plugin with +200,00 installations
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
Mozilla VPN Security Risks Discovered
Third party security audit uncovers several security risks in the Mozilla VPN service
![Kristi Hines](https://www.searchenginejournal.com/wp-content/uploads/2023/01/kristi-hines-edit-63b495906440c-sej-65x65.png)
Microsoft Mitigates Hacker Access To Government Email Accounts
Find out how Microsoft resolved a security breech of the email accounts of 25 organizations, including government agencies.
![Brooke Osmundson](https://www.searchenginejournal.com/wp-content/uploads/2022/12/brooke-osmundson-63a41d33a4ab2-sej-65x65.jpg)
Google To Remove Inactive Accounts
Google will start removing inactive accounts that have been dormant for two years. Read more about the policy change and implications.
![Matt G. Southern](https://www.searchenginejournal.com/wp-content/uploads/2023/08/img_2023-08-30-161412-64efa3348bb9d-sej-65x65.jpeg)
Google Strikes Back: A Legal Victory Against CryptBot Malware Distributors
Google triumphs in legal action against CryptBot malware distributors, protecting Chrome users and disrupting cybercriminal ecosystems.
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Hit With Multiple Vulnerabilities In Versions Prior To 6.0.3
WordPress recommends immediate action to fix multiple vulnerabilities discovered in versions prior to 6.0.3
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
Rackspace Hosted Exchange Outage Due to Security Incident
Details emerge that Rackspace outage due to a security incident – Customers encouraged to migrate to Microsoft 365
![Matt G. Southern](https://www.searchenginejournal.com/wp-content/uploads/2023/08/img_2023-08-30-161412-64efa3348bb9d-sej-65x65.jpeg)
Google Shares New Info About Vulnerabilities Found In Chrome
Google security researchers are sharing new information about vulnerabilities detected in Chrome, Firefox, and Windows.
![Brooke Osmundson](https://www.searchenginejournal.com/wp-content/uploads/2022/12/brooke-osmundson-63a41d33a4ab2-sej-65x65.jpg)
Google Updates Its Guide on Preventing Spam and Abuse
Learn how to prevent spam and abuse to your website with Google’s updated guide for web developers.
![Matt G. Southern](https://www.searchenginejournal.com/wp-content/uploads/2023/08/img_2023-08-30-161412-64efa3348bb9d-sej-65x65.jpeg)
DuckDuckGo Now Says It Will Block Microsoft Trackers
DuckDuckGo responds to recent criticism saying the third-party tracking scripts it blocks will now include scripts from Microsoft.
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Proposal To Improve Security & Performance of Plugins
WordPress proposal takes aim at improving security and performance of third party plugins
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
HubSpot WordPress Plugin Vulnerability
HubSpot WordPress Plugin, used by over 200,000 publishers, patched a Server Side Request Forgery vulnerability
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
Vulnerability Found in WordPress Anti-Malware Firewall
Reflected XSS vulnerability was patched in Anti-Malware Security and Brute-Force Firewall WordPress Plugin
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Elementor Plugin Remote Code Execution Vulnerability
A Remote Code Execution Vulnerability discovered in the Elementor Website Builder plugin that can lead to full site takeover
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
ACF WordPress Plugin Vulnerability Affects Up To +2 Million Sites
Advanced Custom Fields plugin patched a Missing Authorization vulnerability that allows an attacker to view database information
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Stored XSS Vulnerability – Update Now
Stored XSS Vulnerability discovered in WordPress can lead to full site takeover by hackers
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
Google Acquires Cybersecurity Firm Mandiant
In a sign of the critical importance of cybersecurity for all businesses, Google Cloud announces acquisition of cybersecurity firm Mandiant
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
Advisories To Increase Website Security After Russian Attack
Fight back against increased cyber attacks with these free tools and resources
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
5 HTTP Security Headers You Need To Know For SEO
Are security headers a part of your SEO audits? Here’s why they should be, alongside the top security headers you need to know.
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Backup Plugin Vulnerability Impacted 3+ Million Installations
UpdraftPlus WordPress Plugin vulnerability potentially compromised over 3 million installations
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
Critical Vulnerability Strikes Magento Open Source and Adobe Commerce
Critical Arbitrary Code Execution Vulnerability rated 9.8 on a scale of 1 – 10 is actively being exploited by hackers
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Vulnerability in Essential Addons for Elementor
1+ Million WordPress sites affected by vulnerabilities that could lead to remote code execution attacks
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
All In One SEO Vulnerability Affects +3 Million Sites
All In One SEO Plugin patched SQL Injection vulnerability that could expose privileged database information
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
cPanel Plugin Contains Log4j Vulnerability
cPanel plugin contains the critically vulnerable log4j library affected by what is being called a catastrophic vulnerability
![Miranda Miller](https://www.searchenginejournal.com/wp-content/uploads/2022/04/miranda-miller-2022-625f1c1491323-sej-65x65.jpeg)
Catastrophic Log4j Security Fail Threatens Enterprise Systems & Web Apps Worldwide
The vulnerability, listed as CVE-2021-44228 in Apache Log4j Security Vulnerabilities, enables remote attackers to take control of an affected system.
![Roger Montti](https://www.searchenginejournal.com/wp-content/uploads/2017/12/martinibuster_400x400-65x65.jpg)
WordPress Template Plugin Vulnerability Hits +1 Million Sites
WordPress plugin by the makers of Astra Theme patched an XSS vulnerability that can lead to total site takeover and attacks on site visitors