WordPress Plugin Vulnerability Report – Widgets for Google Reviews – Authenticated (Editor+) Arbitrary File Upload – CVE-2023-48275

Plugin Name: Widgets for Google Reviews Key Information: Software Type: Plugin Software Slug: wp-reviews-plugin-for-google Software Status: Active Software Author: trustindex Software Downloads: 4,619,317 Active Installs: 300,000 Last Updated: November 22, 2023 Patched Versions: 11.1 Affected Versions: <= 11.0.2 Vulnerability Details: Name: Widgets for Google Reviews <= 11.0.2 – Authenticated (Editor+) Arbitrary File Upload Title: Authenticated…

Read More

How to Choose Between Manual and Automated WordPress Maintenance

If you’re running a small business owner, you’re likely wearing many hats and juggling countless tasks. And if you’re using WordPress for your website (which, let’s be honest, is pretty likely considering WordPress powers over 40% of the web), that’s another hat to add to your collection: The WordPress maintenance hat! Before you start panicking…

Read More

WordPress Plugin Vulnerability Report – Comments – wpDiscuz – Unauthenticated SQL Injection

Plugin Name: Comments – wpDiscuz Key Information: Software Type: Plugin Software Slug: wpdiscuz Software Status: Active Software Author: advancedcoding Software Downloads: 2,865,421 Active Installs: 80,000 Last Updated: September 18, 2023 Patched Versions: 7.6.6 Affected Versions: <=7.6.5 Vulnerability Details: Name: wpDiscuz <= 7.6.5 – Unauthenticated SQL Injection Type: Improper Neutralization of Special Elements used in an…

Read More

WordPress Plugin Vulnerability Report: Starter Templates – Incorrect Authorization – CVE-2023-41805

Plugin Name: Starter Templates Key Information: Software Type: Plugin Software Slug: astra-sites Software Status: Active Software Author: brainstormforce Software Downloads: 38,934,354 Active Installs: 1,000,000 Last Updated: September 8, 2023 Patched Versions: 3.2.6 Affected Versions: <=3.2.5 Vulnerability Details: Name: Starter Templates <= 3.2.5 – Incorrect Authorization Type: Missing Authorization CVE: CVE-2023-41805 CVSS Score: 4.3 (Medium) Publicly…

Read More

What Is WordPress Maintenance in 2023?

Does your WordPress site run slower than you’d like? WordPress is a powerful platform, but it needs to be maintained to stay fast, secure, and reliable. That’s where Your WP Guy comes in. We offer comprehensive WordPress maintenance services that keep your site running like new. Proper WordPress maintenance keeps your website running well. And…

Read More

What Is the WordPress Database and How Does It Work?

Considering there are over 1.5 billion websites worldwide, it’s never been more important to have an exciting website. However, the pressure of building a site that holds a candle to the competition, while also keeping track of updates can feel overwhelming. Thankfully we have an amazing platform called WordPress that we can utilize. What we…

Read More

What is a WordPress Maintenance Plan?

what-is-a-wordpress-maintenance-plan-your-wp-guy tiles on a red, yellow and orange background spelling out plan a b or c

Did you know there are over 1.9 billion websites online? HOLY URLS BATMAN! If you want to compete with them, you should consider a maintenance plans for your WordPress site. The right maintenance plans can help keep your site secure and up to date. Then, your site can run quickly and smoothly to help support…

Read More