News

Wordfence Intelligence Launching at Black Hat 2022 in Las Vegas Next Week

By Mark Maunder / August 4, 2022

Wordfence protects over 4 million websites around the world on 12,000 unique networks, and we block over 1.8 billion attacks targeting those websites every month. For years we have had a relationship with our customers that is a virtuous cycle: We receive attack reports from our customers at a rate of over 700 reports per […]

Read More

Cross-Site Request Forgery Vulnerability Patched in Ecwid Ecommerce Shopping Cart Plugin

By Marco Wotschka / August 4, 2022

On June 24, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a Cross-Site Request Forgery vulnerability we discovered in Ecwid Ecommerce Shopping Cart, a WordPress plugin installed on over 30,000 sites. This vulnerability made it possible for attackers to modify some of the plugin’s more advanced settings via a forged request. […]

Read More

High Severity Vulnerability Patched in Download Manager Plugin

By Chloe Chamberland / August 3, 2022

On July 8, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability we discovered in “Download Manager,” a WordPress plugin that is installed on over 100,000 sites. This flaw makes it possible for an authenticated attacker to delete arbitrary files hosted on the server, provided they have access to create […]

Read More

7 Tips to Clean & Maintain Your Website

By Michael Evert / August 2, 2022

Most people would agree — living in a house full of accumulated debris and unnecessary objects can create a chaotic environment, and even cause health problems. This scenario is easily applicable to your website, too. You can think of your hosting environment as the home where your website lives.   It’s extremely easy for hosting accounts […]

Read More

Analyzing Attack Data and Trends Targeting Log4J

By Topher Tebow / August 2, 2022

The Log4j vulnerability, initially reported in November 2021, has affected millions of devices and applications around the world. It has the potential to allow a malicious actor to take full control of vulnerable devices. As a result of how Log4j controls the logging of strings and code, the vulnerability allows malicious actors to inject malicious […]

Read More

WordPress Vulnerabilities & Patch Roundup — July 2022

By Antony Garand / July 29, 2022

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]

Read More

DHL Phishing Page Uses Telegram Bot for Exfiltration

By Krasimir Konov / July 26, 2022

One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing. These social engineering attacks can typically be found masquerading as a trusted or recognizable service, intent on tricking unsuspecting users into submitting sensitive information on the attacker’s customized web page. Criminals use phishing because it […]

Read More

How to Change WordPress Username?

By Srikant Mahapatra / July 25, 2022

WordPress is the most popular content management system in the world. It powers 43% of all websites on the Internet. And due to its popularity, it is a popular target for hackers. According to a 2018 Sucuri report, 90% of all CMS-based websites cleaned by it during that year were WordPress websites. No WordPress user […]

Read More

Cryptominers & WebAssembly in Website Malware

By Cesar Anjos / July 21, 2022

WebAssembly (also referred to as Wasm) is a binary instruction format that runs in the browser to enable high-performance applications on web pages and can be executed much faster than traditional JavaScript. WebAssembly can be executed in a variety of environments, including servers, IoT devices, and mobile or desktop apps — but was originally designed […]

Read More

About Us

I believe that everyone should have a mechanic that they can trust and after spending several years helping out various customers for large companies I've seen my fair share of issues.

Honesty, Integrity, and Compassion are what we share with everyone that we work with. Stop scouring the internet for help and see how we can help you today.

Our Services

Website Migrations

Plugin & Theme Updates

IDX Broker Customizations

Facebook Chatbots

DNS & Email Integrations

logo

E-mail: contact@thewpmechanic.com