WordPress Security: Serious Vulnerability in WordPress Download Manager

There is a serious vulnerability in the WordPress Download Manager plugin that allows a remote attacker to upload malicious scripts to your website, gain administrative access and modify passwords.

The vulnerability exists in versions of WordPress Download Manager older than 2.7.5. The Changelog confirms this has been fixed as of version 2.7.5.

The Problem:

WP Download manager was allowing unauthenticated ajax calls to execute arbitrary functions. This would allow an attacker to upload arbitrary files and perform a variety of other malicious tasks.

What to do:

Upgrade to WordPress Download Manager version 2.7.5 which is the newest version at the time of writing.… Read the rest

WordPress Security: Multiple Vulnerabilities in InfiniteWP Admin Panel. Upgrade immediately.

About an hour ago researcher Walter Hop from Slik BV in the Netherlands disclosed multiple serious vulnerabilities in the InfiniteWP Admin Panel on the Full Disclosure and Bugtraq mailing lists. This admin panel is a standalone PHP application that is installed on a website and used as an interface to manage multiple WordPress websites.

The vulnerability includes several issues, the most serious of which appear to allow unauthenticated SQL injection. There is also a file upload vulnerability but only for certain web server configurations.

The issues were initially disclosed on November 26th and InifiniteWP has since released two fixes, the most recent of which were released yesterday, to fix these issues.… Read the rest

Cyber Monday 2014 Web Hosting Coupons and Deals

cyber-monday-header-600x261

Well if Black Friday specials weren’t enough, why not have some killer Cyber Monday Specials. We know everyone loves reliable web hosting at a fantastic price, right?!?! So without further adieu, here are our Cyber Monday specials and coupons.

 

The sale has ended. See our daily specials here

 

 Shared Hosting Specials

60% off our Corporate Hosting package for the first year. Coupon Code: cmcorporate60. (Regular price $251.40, with coupon $100.56)

50% off the first payment on any Shared Hosting package for any term.  Coupon Code:  cmshared13

30 % recurring discount on any Shared Hosting plan.  Coupon Code: cmshared13r

[SIGN UP NOW]

 


 

Reseller Hosting Specials

50% off the first payment on any Reseller Hosting package for any term.  … Read the rest

Black Friday 2014 Web Hosting Coupons and Specials

Black-Friday-2014-Featured-Image

 

We all know that Black Friday is the biggest sales day of the year and that is no different for us at MonsterMegs. This year we have some amazing discounts on our Shared, Reseller, and Enterprise Hosting plans. This year we have decided to open our Black Friday specials a few hours ahead of the official Black Friday.

This Black Friday, you can save up to 75% off or a recurring 30% off. So, waste no time and take advantage of these generous hosting discounts before they expire!

The sale has ended. See our daily specials here

 


Shared Web Hosting

— 75% off the first payment.  Read the rest

Two-Step Verification Now Available to All Customers

hosted-authentication

If you have gone through the anguish of having your personal information exposed to theft and abuse, you probably already realize that even the best password is not always enough to protect your data against unauthorized access. There are many ways how you can find yourself exposed: lost/stolen electronic devices, electronic fraud (phishing, scam, etc.), and hacking of popular service providers have all become widespread.

Two-factor authentication has become the weapon of choice to add an extra layer of security and in recent months we have had several requests from customers to integrate it with our services. True to our commitment to the security of users’ data, we have now made available this option for all MonsterMegs customers.… Read the rest