During routine plugin testing, we discovered a critical security vulnerability in the Shortcodes Ultimate plugin for WordPress which has 600,000+ installations. This plugin, widely used for adding powerful shortcodes to enhance website functionality, is currently vulnerable to a severe security flaw that could potentially allow attackers to exploit and gain unauthorized access to your WordPress site.
The exploit allows contributors to embed malware JavaScript code into new posts via shortcode, subsequently facilitating admin account creation. By exploiting this flaw, attackers can gain unauthorized access and wreak havoc on websites.
Don’t rush to delete the plugin. To mitigate the risk you should just update your Shortcodes Ultimate plugin to the latest version. Additionally, implementing robust security measures, such as regular vulnerability assessments and user role restrictions, can fortify defenses against XSS attacks.
We’ve been wanting to make our own branded useful merch for our customers for a while now. For this purpose, we needed a marketplace on which we could place our goods, as well as deliver them to customers. No wonder we chose Amazon. In this article, we’d like to share our experience in launching our giftware sales and hopefully help those who are just thinking about how to start selling on Amazon.
Step 1: Finding the Right Products to Sell
One of the most important factors in determining your success on Amazon is finding the right products to sell. If you go to https://www.amazon.com/bestsellers you will see lots of products, that are sold way more often than others. Here you need to research products that sell well to find the ones, you like best or what you would be more comfortable branding.
We have chosen the water bottle category for us for several reasons:
It’s a product for everyday use.
It promotes the healthy habit of drinking enough water every day.
These bottles look great and it will be convenient to put a logo on one.
After choosing the right category and product you will need a product that you can buy as cheaply as possible, apply your logo, and sell at the average market price or higher. To find such a product we went to alibaba.com. It was difficult to find the same item as we wanted, but we were able to find the most similar one and contacted the seller to find out the details.
The good news was that for orders of 50 pieces or more, the seller would put the logo on the items for free. All we had to do was send the logo to the seller and a day later we received a photo of a bottle with the logo already applied.
To make sure of good quality goods and quality logo application we ordered delivery of 1 item.
Despite the $38 shipping cost on a $10 order, it was the right decision. Because after a week we received the product and after that, we were absolutely sure that the product would be a pleasure to use. So we ordered a full batch of 50 water bottles.
Step 2: Setting Up Your Amazon Seller Account
First, you need to choose a seller account type. There are two types of seller accounts:
Individual accounts are free but you are charged $0.99 per sale.
Professional accounts cost $39.99 per month, no matter how many items you sell.
We weren’t sure at what rate the items would sell, so we chose an individual account.
After that, you will access your Amazon Dashboard. Once you have connected your payment card and added your brand information, you are ready to add your product to Amazon.
Step 3: Adding a product and setting up a fulfillment plan
ASIN is an Amazon Standard Identification Number, which is the unique combination of 10 letters and/or numbers that is given to your product by Amazon. ISBN is an International Standard Book Numbers, which are unique identifiers for commercial books with a barcode. UPC or Universal Product Codes, is a unique 12-digit code assigned to retail packaging to help identify products in the US. EAN or European Article Numbers is simply a European version of UPC. It consists of 12- or 13-digit numbers for product identification.
If your product is unique like ours, select “I’m adding a product not sold on Amazon”. In this case, Amazon will assign an ASIN to your product, which will become your product’s primary identifier.
After that, you need to fill in all the information about the product in as much detail as possible. Here’s how it looked for us in the end.
And since Amazon’s interface doesn’t explain what and where it is, we’ve prepared a hint for you.
Title 200 characters max, capitalize the first letter of every word
Images 500 x 500 or 1,000 x 1,000 pixels to increase listing quality
Variations Such as different colors, scents, or sizes
Bullet points Short, descriptive sentences highlighting key features and benefits
Featured offer (“Buy Box”) The featured offer on a detail page. Customers can add to their cart or “Buy Now”
Other offers The same product sold by multiple sellers offering a different price, shipping options, etc.
Description Keywords improve the chances that people will find your listing
Once your item is added you need to decide how you will package and ship your items. Amazon has 2 solutions for this:
You can fulfill orders yourself, maintaining your own inventory and shipping products directly to customers. We call this merchant-fulfilled shipping (MFN).
You can send your inventory to Amazon and have us pick, pack, and deliver products through Fulfillment by Amazon (FBA). FBA also takes care of customer service and returns.
We chose the second option because we wanted to delegate this issue to experienced professionals to minimize the possibility of mistakes.
Fulfillment by Amazon (FBA)
We would like to talk about this option separately, as it has both pros and cons.
Pros
free shipping for your customers;
lower operating costs;
no need to contend with client inquiries;
Cons
laborious product preparation requirements;
potentially costly charges;
long-term storage fees;
complex sales tax;
Long story short, FBA is definitely not a cheap option and can make it difficult to justify the expense. But if you want to save your time it is really great.
Step 4: Driving traffic to the product
When you want to increase your sales in a marketplace you shouldn’t just rely on people finding your product on their own and choosing it because of its quality-to-cost ratio. Because there are indeed a lot of products on Amazon. This is especially true for products about a brand that, few people know about.
In this case, you need to take care of additional sources of traffic and a good option could be your website or online store, where people are familiar with your brand.
We have placed several banners on our blog and on our clients’ dashboards. This is roughly what it looked like.
Statistics on traffic sources and purchases are not available on the individual tariff, so we can’t say for sure what share of sales these banners brought, but we assume that not less than a half, taking into account the fact that the main products of our company and the brand itself for a fairly narrow audience.
Step 5: Keep track of your orders and adjust the price
In case you’ve enabled the FBA option, the only thing you’ll have to do is keep an eye on the status of your orders and how Amazon does everything itself.
Also, we recommend you collect sales statistics for a certain period and try to increase or decrease the cost of the product and track the impact of the cost on the number of sales as it can help you optimize your costs and increase your profits.
We wish you great sales!
It is difficult to fit all of our experiences into this article, but we have tried to mention the most important issues that we had to deal with ourselves.
We welcome questions in the comments and will be happy to share more specifics to help you save time and money.
Many online comments and reviews are helpful, but some might not be written by real users. A special verification badge could indicate if a comment/review is confirmed to be written by a real person. This might help you decide which reviews to trust more when reading/discussing online.
Why it is important to protect a mobile app from spam bots
Spam bots are a serious threat to your website, but it affects your mobile app just the same. More than 54% of traffic goes from mobile devices and 76% of internet traffic comes from bad bots. This means that bad bots generate up to 41% of your mobile traffic However, we have listed 5 reasons to protect your mobile app from bots and to stop bad bots before harming your app.
Why it is important to protect your mobile app from spam bots
User experience Spam bots can flood your app with fake accounts, comments, and messages, which can eventually lead to degrading the user experience for legitimate users.
Security Spam bots can carry out malicious activities such as spreading malware, phishing attacks, and stealing sensitive information from users.
Resource consumption Spam bots can overwhelm your servers and consume valuable resources, leading to slower performance and increased costs.
Reputation If your app is known for being overrun by spam bots, it can damage your reputation and deter legitimate users from using your app.
Compliance Depending on the nature of your app, you may be required to comply with regulations related to data privacy and security. Allowing spam bots to operate unchecked can put you at risk of violating these regulations.
How it works
The Bot Detector works in the background and is not visible to the user. It does not require the user to confirm that he is not a bot.
How to install your mobile app spam protection
If you need to protect mobile apps from spam, you will definitely need a solution that uses API to check registrations for spam. The Bot Detector service uses the CleanTalk check_bot API method via a special library that you can download and integrate with just 1 line of code. You can check out our detailed instructions on GitHub below.
Good news for website owners on Magento 2.0 or newer. We have updated our UniForce extension, and now it works with Magento 2.X.
What exactly the extension does
UniForce is an extension that can be installed on any PHP site, CMS, or framework. We also call Uniforce a Universal security plugin for every CMS.
Malware scanning One-time and daily automatic tests for existing Malware and viruses among the site’s files.
Firewall Firewall – uses a database of IP addresses of those who attempt to hack sites, personal IP lists, networks, and countries. These lists forbid visiting the site, which means you can’t get to the site from these IPs.
XSS, SQL, and exploit-based attacks Protect a website from exploit attacks, XSS attacks, and SQL injections.
Brute-force protection Protect a website from password guessing (brute-force).
Introducing File System Watcher, a new feature of our Security protection. It helps to track changes in your site files to detect suspicious ones in time. File System Watcher has already been added to all plans and is enabled by default.
How the feature works
The feature takes a snapshot of the file system during a selected period and allows you to monitor which files on your site have been modified between selected dates. The snapshots are stored for 7 days.
You can control the frequency of snapshots in the plugin settings. Alternatively, you can run the snapshot immediately by clicking the Create File System snapshot button and refreshing the page.
How to use the feature and see results
1. Go to your WordPress site dashboard and go to Settings → Security by CleanTalk → File System Watcher.
2. Select the dates you want to compare and click the Compare button.
3. Click the View link and you will see the code for the modified version of the specified file.
To use this feature you have to have a Security & Malware scan plugin installed to your WordPress. Feel free to download it in WordPress catalog.
Hubspot users frequently encounter the issue of their email newsletters being classified as spam, despite having appropriate content in the emails. Even though the email content, headers, and text are all in compliance, you can still see the emails flagged as spam. Let’s investigate the possible reasons behind this occurrence.
Why email from Hubspot going to spam
Exclamation points or certain phrases in the “subject” line Avoid using exclamation points or specific phrases in the subject line that may trigger spam filters, such as “Make money,” “Free,” or “Not spam.” It is advisable to steer clear of these types of triggering phrases to prevent your emails from being classified as spam.
The Unsubscribe Button is missing It’s important to keep in mind that if an email is not pertinent to the recipient and lacks an Unsubscribe option, the only recourse for the recipient to cease receiving the email is to flag it as spam.
Irrelevant offer If multiple individuals label your email as spam, it could result in your future emails being automatically directed to recipients’ spam folders.
Blacklisted or unreal email in your email list We believe you can handle the changes above yourself, but this one requires some help to check email addresses. Since so many bots use subscription forms and use either fake addresses or stolen ones. If you have blacklisted and unreal emails in your email list, spam filters can recognize it and put your emails at risk of going into the spam folder.
Mailing to such addresses will not be useful, so we made a web service that clears your email list by checking it through a database of 6M email addresses for fake addresses and spam. Use the instructions below to clean your mailing list of “bad” addresses.
How to protect your HubSpot forms from spam bots
The Anti-Spam plugin for WordPress by CleanTalk has direct integration with HubSpot and blocks any spam bots even before they reach your website. Follow this guide to protect your HubSpot forms from spam.
How to clean email list of non-existent or spammers email addresses
1. Visit the SpamBots Check page, where you can clean your email list by inputing your email list by either copying and pasting it into the designated field or uploading a file using the Browse button. Click the Clear my list button to initiate the process. That is the moment when all the non-existent or spammers email addresses are recognized and filtered. You need to register to check more than 5 emails, and it only takes approximately 30 seconds to complete.
2. Once the email list has been processed, you will be presented with a summary of the checked emails along with their corresponding outcomes. You can easily download CSV and JSON files or share the check results by utilizing the provided links located in the upper right corner of the page.
URL to results – share the check results or reset to the full list, including both good and bad lists. Good list – remove emails that are suspiciously active or invalid. Bad list – leave only emails that are suspiciously active or invalid. Copy – copy the entire list of emails. CSV – download results of the check in CSV-file. JSON – download results of the check in JSON file.
3. Access the CSV or JSON file and select the emails that are not on the blacklist for copying.
4. Access your HubSpot newsletter, paste the list into the designated area, and then click on the Continue to organize button.
5. Next, proceed with the regular process of creating your HubSpot newsletter.
By utilizing confirmed email addresses, you can prevent your HubSpot messages from being marked as spam, ensuring that more of your newsletter emails are successfully sent and read. Remember to validate all email lists to minimize the risk of your emails being flagged as spam. Email verification is essential for cleaning up email lists, enhancing email deliverability, and boosting engagement rates.
CleanTalk added spam protection for FluentBooking using direct form integration. Always be sure to use the most effective Anti-Spam plugin. For example CleanTalk Anti-Spam will guarantee your FluentBooking spam protection in about 5 minutes.
Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be FluentBooking but many other forms.
How to check your FluentBooking spam protection in about 5 minutes
You can test the work of Anti-Spam protection for your FluentBooking forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.
If you have any questions, add a comment and we will be happy to help you. Create your Cleantalk account – Register now and enjoy your spam-free FluentBooking.
MailChimp users often find that emails from their email newsletters end up in spam. The emails themselves, the headers and the text are fine, but still for some reason the emails end up in spam. Let’s try to figure out what the reason might be.
Why email from MailChimp going to spam
Exclamation points or certain phrases in the subject line E.g. “Make money”, “F r e e”, “Not spam” and many others. Try to avoid using triggering phrases like these ones.
The Unsubscribe Button is missed Always remember, that in case the email is not relevant to the mailing recipient and there is no Unsubscribe button, then the only way for the recipient to stop getting the email is to mark it as spam.
Irrelevant offer In case several people mark your email as spam, other emails can end up in the spam folder as well.
Blacklisted or unreal email in your email list Having blacklisted and unreal emails in your email list can be recognized by spam filters and put your emails at risk of going into the spam folder. In the instructions below, we will tell you how to clean your mailing list of “bad” addresses.
How to keep MailChimp from going to spam
1. Go to SpamBots Check page, copy and paste the email list into the left field or you may upload the file using the Browse button on the right, and press the Submit button. You will need to register in order to check more than 5 emails, which takes about 30 seconds.
2. After that, you will see a list of checked emails with their results. Feel free to download CSV and JSON files or share a link to that check using the links on the upper right.
URL to results – share the check results or reset to full list, including both good and bad lists. Good list – remove emails that are suspiciously active or invalid. Bad list – leave only email that are suspiciously active or invalid. Copy – copy the entire list of emails. CSV – download results of the check in CSV-file. JSON – download results of the check in JSON-file.
3. Go to CSV or JSON file and copy only emails, that are not blacklisted.
4, Go to your MailChimp newsletter, paste the list in there, and press the Continue to organize button.
5. After that, continue creating your MailChimp newsletter as usual.
Using only verified emails will help you avoid MailChimp going to spam and get more of your newsletter emails delivered and opened. And don’t forget to verify all your email lists to reduce the chances of your emails ending up in spam. Email verification not only allows assistance in cleaning email lists to increase email deliverability and engagement rates.
CleanTalk added spam protection for Divi Builder email opt-in subscription form using direct form integration. So in case, you prefer using Divi subscription form be sure to use the most effective Anti-Spam plugin. Read the guide below and learn 4 steps to protect your Divi subscription form from spam.
Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be Newsletters subscription forms but also many others.
To install the Anti-Spam plugin, go to your WordPress admin panel → Plugins → Add New.
Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».
After installing the plugin, click the «Activate» button.
After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings» button.
That’s it! From now you How to completely protect your Divi Builder email opt-in subscription form from spam.
How to check spam protection for Divi Builder email opt-in
You can test the work of Anti-Spam protection for your СonvertKit Forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.
If you have any questions, add a comment and we will be happy to help you.
Create your CleanTalk account – Register now and protect your Divi Builder email opt-in from spam in 5 minutes
Update
The protection works only for website visitors, not for website admins. Be sure to test the form protection using Incognito mode.
Additional features
CleanTalk protects all forms at once: comments, registrations, feedbacks, contacts, and reviews.
Installation takes about 1-2 minutes.
Smart 99% protection against spambots.
Always online – 24/7 technical support.
Logs, SpamFireWall, personal lists, country filters, stop-words, and many others.
Discover the complete list of CleanTalk Anti-Spam plugin features here.
