This was always on the card and just matter of time when this will happen. Facebook has allowed developer to allow friends status and other updates like location, interest, check-ins on third party apps using Facebook Friends Data API. Facebook was has always been questioned about the privacy of the users that use Facebook and thus keeping same in mind Facebook already announced this at F8 2014 that it would be ending Friends data API in a year. Well the time has come, this 30th April onwards, the API is being close and will not be accessible for developers.
From here onwards, all the developers should comply to the new changes or their connection to the Facebook API and required sections will not work. It comes as a welcome move by most of the users who feel that their personal data is their and not for their friends to share on any app. The users will also have more control on the level of data they want to show. This change will mostly impact development companies and not the users.
Facebook is also working with top 5,000 apps and provided them with feedback on how the new system will impact their app’s performance. But this move is certainly going to close down door on companies like Job Fusion, CareerSonar, Jobs With Friends, and adzuna Connect. This move again proves that for Facebook users comes first.
There has been a massive security flaw detection by the team of Yoast and Sucuri who detected that most popular plugins used in WordPress are vulnerable to Cross-site Scripting (XSS) due to the misuse of the add_query_arg() and remove_query_arg() functions. These are the amongst the most used functions of WordPress and over the time has been used by most of the plugin developers and theme creators. The functions helps to modify and add query strings to URLS within WordPress.
The reason that was identified that the official WordPress documentation available at Codex for these functions are not very clear and has thus led the WordPress developers to use them in a very insecure way. This has caused most popular plugins to be vulnerable to XSS. The concerning part is that this vulnerability is not just limited to themes and plugins purchased from marketplace like themeforest or codecanyon but in general may easily apply to any WordPress developement and website.
What should i do to secure my WordPress website?
It is still not identified and sure that which all plugins and themes are impacted. So the best solution is to regularly check your WordPress for any upgrade and keep on updating the plugins and themes for the same.
ThemeForest and CodeCanyon which is the biggest market place for WordPress based resources is actively working with the authors of WordPress products and asking them to update their products. There will be updates available for download for almost all the products within few days over the market place.
Apart from that, make sure to check your website for any other plugin, remove those which are not used. Update WordPress ASAP and also look for regular updates.
Which plugins are effected?
As per now, we are able to find over internet that these plugins are impacted. Most of them have already rolled an upgrade which you should get your store updated with. There are many more and they will soon put an update.
Google Analytics by Yoast
All In one SEO
Multiple Plugins from Easy Digital Downloads
Related s for WordPress
Multiple iThemes products including Builder and Exchange
Easy Digital Downloads
Aesop Story Engine
All In One SEO
Broken Link Checker
Related s for WP
Google Analytics Top’s Widget
Seriously Simple Podcasting
WP Idea Stream
Church Themes Content
WP to Twitter
WP Print Friendly
TGM plugin activation
All In One WP Security
The Events Calendar
Reach usto help you update your WordPress setup and help you secure your website from this security threat.
We posted a blog last week, “Shoplift bug :: Is your Magento shop vulnerable to it(SUPEE-5344)?” alerting all the Magento store about the potential threat that could cause hackers have a control over their store. Magento has again issues another critical alert and asked to update the store with the patch. They will be doing a public release about it soon and that will activate more hackers to take control over the stores that are not patched.
Contact us if you need any assistance in getting this done for your store. Our team of Magento Professionals have already done it for 12 stores till now and we will be glad to help you too.
Yesterday, Magento sent a critical reminder to all the store owners. The reminder was sent to all the store owners who have not updated their Magento yet for a vulnerability named as “Shoplift (SUPEE-5344)”. The bug was first detected in the month of Feb and Magento sent an update to its users to update their store.
Yesterday Magento did a random check and found 60% of the website were not updated yet which counts to around 140,000 Magento installed online shops globally. It is expected that in next 48 hours most of the website will be effected by this bug.
Shoplift is a term given to a bug that allows hackers to take full control of your Magento Store. There was a patch released for it in February called “SUPEE-5344” but yesterday’s check by Magento confirms that around 60% of Magento installations are still open to this vulnerability.
The message from Magento takes you to the page on their website that give you information on how to update and apply the patch. Upon some more research we came across this website called Byte which claims to check and confirm if your website is effected by this bug. You can have a check about this here.
Incase if you need help to update your website quickly for this bug, Reach us Now.
According to a research done by Seewhy, astonishingly around 72% of website visitors add products to their cart and leave abandoning the cart. This is a high ratio considering the sales that a store expect. There are different factors that are credited for a customer abandoning the cart. A comScore study found that 36% of consumers will not buy unless free shipping is offered. An etailing group study shows that 47% of online customers will not buy, or only in exceptional circumstances, unless a product is on promotion. There are many other reason like the cost of the product, the clarity of details shared in the product, the discount offered, the shipping and logistics rate applied to the product and some related to how you present your website to your cusotmer.
According to the polls conducted by different ecommerce market survey agencies, 81% store owners believed that the majority of abandoners never return. It has also been noticed that when the customer who abandoned the cart is reached by the store owner, their intend to purchase the product is high. The polls suggest that there is a high chance of 75% abandoner to return and purchase the product if approached by the store within some period of time. This data is staggering considering the effort it takes to bring a customer on the store and then try sell them something.
Considering these research and over all experience that we got from our customer over the period of time, we at Envision Ecommerce have come up with yet another Important must have Magento Extension that allows you to reach your abandoned cart users through emails and coupons. The extension is called “Enhanced Abandoned Cart” and it helps you to reach your customers. The extension allows you to set automated followups. The extension also helps to log important events that helps you understand the nature of the customers who abandon cart on your store.
Feel free to reach us if you want to know more about the extension or its usage. Allow us to help you increase your store’s revenue by bringing back these customers and thus converting your abandoned cart into successful orders.
Envision Ecommerce aims to develop Magento based solutions that helps both Store owners and their customers. These products are developed by Magento Certified Professionals. In quest to help the community, Envison Ecommerce have developed yet another excellent Magento Extension called “Advance Dependent Custom Option in Magento” that allows you to show precise information to your customer and thus decrease bounce rate and helps increase the overall sales from the store.
While creating simple products, it is a common practice to create custom options. These custom options helps the customer filer and choose the exact specification that they are looking for. Sometimes as a customer, while purchasing the product, you always want to know what options are dependent. Based on the selection of first specification, which second specifications are available. This is exactly what the extension do.
As a store Admin, you want your customer to get the precise information they are looking to increase the chances of sales from your store. Giving a lot of information is never a recommended strategy and this is what the extension does. While creating simple products with Custom options, this extension allows you to create relation between them thus allowing you to show only the precise relation based custom options and thus increase the chances of getting more sales.
Adding custom options in products is also a cumbersome job which every Magento Store Owner know. It has to be done each time for each product. This extension also allows you to easily copy the custom options from one product to other just with the help of SKU and admin interface. This feature not only helps speed up the inventory management in Magento but also reduces the chances of human errors.
Google on Thursday, February 26, 2015 announced that effective from April 21, 2015, it will update its search algorithm so that comparable responsive websites will rank higher than non-responsive websites in mobile search results. With this Google has now got very specific about the impact of not having a responsive website.
According to the announcement on Webmaster Central Blog, Google said:
“Starting April 21, we will be expanding our use of mobile-friendliness as a ranking signal. This change will affect mobile searches in all languages worldwide and will have a significant impact in our search results. Consequently, users will find it easier to get relevant, high quality search results that are optimized for their devices.”
Here is the infographics that shows the importance of having a Responsive website. It is very crucial to get your website ported into a responsive website.
Amazon has always been known for their innovation product ideas and their effort to make shopping experience wonderful for their customer. Continuing with their legacy, Amazon now have come up with another innovation product idea called “Amazon Dash Button”. A simple service that is currently available for Premium Members. Amazon has done a tie-up with 17 brands to launch this service to you. There are already about 254 eligible Dash Button Products on Amazon.
Amazon already has all the information about you and once the order for a particular product is given, Amazon ships the product to you and thus you never run out of anything at your home. This is really a very helpful and innovation step from Amazon in their customer service improvement and in the field of Ecommerce as such.
Know more about it :: https://www.amazon.com/oc/dash-button
Amazon is now telling its online merchants who used to sell their products using Amazon Webstore that it plans to shut down its Amazon Webstore business. This comes as a news of announcement just after few month when eBay announced that it will be shuttering its Magneto Go service, which provides similar functionality. This section of business has recently seen a very high competition with Shopify and Bigcommerce doing very well in raising lots of funding and ensuring to provide incomparable experience for small businesses.
Amazon said to its Webstore owners that it is closing down as of June 1, 2016 giving them more than a year to look for alternatives like Magento, Shopify, Mozu, Bigcommerce and Woocommerce. There has not been any official confirmation from Amazon but there is a lot discussion going on about the same on forum for Amazon sellers.
Let us help you choose the best platform to port as per your need. Contact Us to discuss more.