Connect with us


Over 1.6 Million WordPress websites are under active Cyberattack



There’s a large-scale attack campaign against WordPress websites by exploiting bugs of plugins and themes. As per a report by WordPress security company Wordfence, as many as 1.6 million WordPress sites are being targeted by an active attack originating from 16,000 IP addresses.

In most attacks, it updates the users_can_register option to enabled and sets the default_role option to ‘administrator‘. So, an attacker can now register on the website as an administrator and take over the website.

These attacks are exploiting vulnerabilities in four plugins and 15 Epsilon Framework themes. Here’s the list of plugins and themes that are being exploited by the attack.

The impacted Plugins

  • Kiwi Social Share (<= 2.0.10)
  • WordPress Automatic (<= 3.53.2)
  • Pinterest Automatic (<= 4.14.3)
  • PublishPress Capabilities (<= 2.3)

Some of these plugins have been updated to fix the issues but several websites are still using old versions.

The impacted Epsilon Framework themes

  • Activello (<=1.4.1)
  • Affluent (<1.1.0)
  • Allegiant (<=1.2.5)
  • Antreas (<=1.0.6)
  • Bonkers (<=1.0.5)
  • Brilliance (<=1.2.9)
  • Illdy (<=2.1.6)
  • MedZone Lite (<=1.2.5)
  • NatureMag Lite (no known patch available)
  • NewsMag (<=2.4.1)
  • Newspaper X (<=1.3.1)
  • Pixova Lite (<=2.0.6)
  • Regina Lite (<=2.0.5)
  • Shapely (<=1.2.8)
  • Transcend (<=1.1.9)

WordFence claims that it saw a spike in attacks after December 8.

To check if your website has been compromised by these attacks, review the user accounts on the site to determine if there’s any new unauthorized user accounts. If you are using any of the vulnerable versions of the plugin or theme, update ir or remote it.


Customize Your Entire Site With New Block Themes – News



Customize Your Entire Site With New Block Themes – News

Customize Your Entire Site With New Block Themes

Experiment with a new look for your site with themes created to take advantage of Full Site Editing.

In case you missed it, we’ve been rolling out a new set of powerful site design tools called Full Site Editing (or “FSE”) and it’s now available for all users!

Don’t worry if you’re just hearing about Full Site Editing for the first time. We’ve been releasing these new tools in a way that doesn’t actually require you to do anything with your existing site(s). If you are up for a change though, we’re happy to announce the launch of a brand new family of themes made specifically with Full Site Editing features in mind. As of this writing we have over two dozen themes available that support Full Site Editing.

These new themes have been designed with a wide variety of sites cases in mind. But their potential stretches well beyond their screenshots and demo sites. Because each theme is fully editable in the Site Editor, every one of these themes can be heavily customized to fit your site’s needs. You can start with theme that features single minimalist homepage, and then add as many menus and sidebars as you wish. Or, you can start with a complex business theme and strip it down to something minimal to suit your vision.

The Site Editor also includes a new feature called “Global Styles,” which allows you to edit site-wide settings for color, typography, and more. You’re free to change your theme’s default color scheme to whatever fits your mood, or even make all site text larger or smaller in a couple of clicks. To kick off this new feature, we’re also providing a few pre-built variations on some of these new themes.

All the new themes and variations can be found in the Theme Showcase. Or, if you’re starting a fresh site, they’ll be offered to you automatically in the site creation flow. This collection of themes is just the beginning, and we’re excited to continue launching a variety of diverse theme options for you. What would you like to see in the next set of themes on

Source link

Continue Reading

Subscribe To our Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address