WordPress 5.5 Breaking Plugins and Themes

On August 11th, WordPress Version 5.5 “Eckstine” was rolled out for websites powered by the world’s most popular content management system. Over 10,000 websites have been updated, however; many of them are breaking after making the change. One of the major reasons for this bug is essentially deprecated support for the Javascript “jQuery Migrate” Library. … Read more

Null Byte Injection – How hackers can upload malicious scripts and bypass security.

In this post, I will explain how a hacker can bypass file upload restrictions to upload arbitrary files using null byte injection. To fully understand the null byte vulnerability, we must take a look at how the C language handles strings. This is important because at some point, PHP relies on C/C++ functions to handle … Read more

WordPress 4.2.3 is here !

WordPress, everyone’s favorite CMS, has a new version: 4.2.3 available today. This should be considered as a security release for all previous versions, and of course, we strongly recommend you to update your wordpress website immediately. Here at Boston Web Group, we’ve seen tons of WordPress sites get hacked.  It’s a sad thing to see, … Read more