Category: Blog
Number of reported WordPress Plugin & Theme vulnerabilities doubled in the first 6 months of 2023
We recently introduced vulnerability detection in Really Simple Security and have been working on a database of vulnerabilities sourced from the open WordPress Vulnerability Database API project (https://www.wpvulnerability.com) since the beginning of 2023. We have been monitoring WordPress plugin and Theme vulnerabilities for years and have seen an increase in reported vulnerabilities yearly. Having access to detailed information in our own database enabled us to look closer into the details and numbers. We were surprised to find the number of
Really Simple Security (Pro) Nulled – About the Risks
I recently purchased a Nulled version on a WordPress marketplace, claiming so-called “Nulled” versions are a legitimate option for resellers to earn a buck on GPL licensed software. Instead of buying from the source, you’re buying the software from a reseller with a considerable discount. These resellers do not have any affiliation with the creators of the software. Nulled versions of WordPress plugins are paid or premium versions of freely available plugins in the WordPress repository. The license check, that is
Really Simple Security adapts to recent WP Engine changes
So what changed? WP Engine will drop support for the root file .htaccess. This is not uncommon, and several web servers, such as NGINX, do not support htaccess, and Really Simple Security still works. What is htaccess? The .htaccess file is a configuration file in the root of your domain that contains configurations for your webserver. Some configurations can be; Cache-control Rewriting URL’s Blocking IP Addresses Implementing HTTPS / HSTS Really Simple Security (and WordPress as well) can use the