As always, Everything I.T. is doing our best to keep you informed and secure so you can protect your websites from vulnerabilities on the web. The NEWEST ONE: There has been a new woocommerce vulnerability found in a WooCommerce plugin called Product Venders If you want to read the whole article, where the vulnerability occurs, the workaround, etc, then you can read it on WordFence here: XSS VULNERABILITY FOUND ON WOOCOMMERCE
The Everything I.T. help forum that was recently created, went down shortly after being created because the software wasn’t compatible with the latest version of PHP…but it’s back up and running again. So if you have any questions you need help with, you can post there and get help for free.
Today I was cleaning out some stuff, and I found an old camera SD card with a bunch of old photos on it. This is just one image that shows how long I’ve been repairing computers and other electronics…and how much LESS junk I accumulate now that things are shrinking in size, and BOY am I GRATEFUL! And notice all the USPS boxes I used to have to hang on to to ship leftovers I sold on eBay. I stopped that a long time ago also.
I’m glad I don’t need all this space any more.
I try to stay up on what some of the most drastic compromises are, and today, WordFence put out another notice, this time about 8 compromised GOOGLE CHROME EXTENSIONS, and how those hacks where used to compromise websites via CLOUDFLARE again. This is the 2nd time Cloudflare has come up in a new discoveries list of compromises. (see my other post) I’m sure glad I never used it. I even thought about it after the last one, because I thought “well, they’ve plugged the holes, maybe it’s good now” …but luckily, I didn’t pursue that. This Cloudflare compromise is big, and affects 4.8 million users. And even though I do use “1” of them, probably the most common one, Web Developer extension, I think I’m ok, because it’s .4.8 that is affected, and I’m on version .5. So keeping things updated, obviously pays off. If you want to read the article and want to know what the other 7 extensions that are affected are, READ HERE: https://www.wordfence.com/blog/2017/08/chrome-browser-extension-attacks/?utm_source=list&utm_medium=email&utm_campaign=081717
Yep. That’s right. Version 4.8.1 is out…so keep your site secure, and go update it! Just my courtesy notification for you… I just tested it, updated the first 5 sites, and no glitches, not even one! 🙂