WordPress Security Blog

Statistics highlight the biggest source of WordPress vulnerabilities

WordPress vulnerabilities statistics show that the main source of WordPress vulnerabilities are in WordPress plugins. These vulnerabilities statistics also show how important it is to always run the latest version of WordPress core, plugins and themes.

Admin Notices Manager – announcing the new plugin

The WordPress Admin Area can be packed with lots of popups, reminders, and advertisements. Even though some of these notices might not be that useful, there are many other admin notices that are helpful and need your attention. It’s easy to imagine that all WordPress users enjoy the same clean, well-organized Admin experience. We all […]

What are WordPress admin notices (and how do they work)?

Even if you’re new to WordPress, you’ll be familiar with admin notices. They’re the messages that show up on your dashboard to let you know about updates, errors, changes and more. Admin notices give you critical information about your site, which enables you to take timely action. Moreover, if you’re a theme or plugin developer, […]

How to use WordPress user roles for improved WordPress security

Learn more about WordPress user roles and what capabilities users have when assigned to a specific WordPress user role. With WordPress user roles, the WordPress owner can have control of what the users can and cannot do on the WordPress installation.

Why a strong password policy is so important for your WordPress website

If you’ve been managing a WordPress site for a while, you may be wondering why a strong password policy is so important. Surely, users are aware that they need to use strong passwords? Unfortunately, many users knowingly use weak passwords, putting your WordPress site at risk. There are differing reasons why this continues to occur. […]

PPMWP 2.3.1: improved support for third party plugins

Today we are excited to announce update 2.3.1 of the Password Policy Manager plugin. The highlight of this update is improved support for other third party plugins, such as login redirects, e-Commerce and membership type plugins. Even though this update is a maintenance release, it still packs a punch. Let’s dive right in to see […]

WP 2FA 1.4.2: Improved 2FA policies & multisite network support

WP 2FA 1.4.2 comes with a good number of improvements. This update will benefit mostly those who want to setup two-factor authentication on a multisite network, or have multiple word user roles, such as shop manager in WooCommerce. However, there is much more to this update than just that. Let’s dive right in to see […]

The ultimate guide to WordPress user management

There’s nothing more complicated for webmasters than to manage their website users. If your website or e-commerce solution users aren’t managed correctly, they can inflict site-breaking damage and loosen up tight security protocols. While WordPress user management is vitally important, you also have to be able to run your business. You do not want to […]

WP 2FA 1.4: Support for Authy, FreeOTP, and other 2FA apps

Many have chosen to use our WP 2FA plugin because you do not have to be a developer or a security ninja to enable and require 2FA on your website. Our two-factor authentication plugin is dead easy to use. Today, we are taking it a step further; we are releasing an update in which we […]

PPMWP 2.3: Inactive users check, policies & performance updates

Today we are announcing Password Policy Manager update 2.3.0. This is an exciting release featuring the all new inactive WordPress users check. In it we also included a good number of other password policies improvements and performance updates. Let’s dive right in to see what is new and improved in this latest update of our […]

Our other plugins