These 8 Wordpress Plugins are Exploited by Hackers Overall rating: ★★★★★ 5 based on 23 reviews
5 1

BlogSimplio Labs Blog

“Once we accept our limits, we go beyond them.”

Albert Einstein

These 8 WordPress Plugins are Exploited by Hackers

Developers, Wordpress No Comment

According to reports, 35% of the websites in the world run in the WordPress CMS. Due to its popularity, it is also subject to many attacks. A new report has seen a growing number of attacks on WordPress sites that are all taking advantage of security flaws in some of the popular plugins.

Many of these attacks against WordPress sites involve hackers trying to hijack websites by targeting recently-patched plugins.

In other instances, attackers have been able to uncover zero-day exploits in various plugins. This applies to bugs that are unknown to the plugin creator, suggesting that no patch may be available.

Below is a list of plugins identified as being part of this recent string of attacks.

If you are using any of these plugins on your WordPress website, it is recommended that you update them immediately and keep an eye on updating them year-round.

Duplicator (1 million+ installs)

Duplicator is a plugin that lets site owners export the content of their sites. A bug was patched in version 1.3.28 that allowed attackers to export site contents, including database credentials.

ThemeGrill Demo Importer (200,000 installs)

A bug in this plugin, which comes with themes sold by ThemeGrill, allowed attackers to wipe sites and take over the admin account. This bug was patched in version 1.6.3.

Profile Builder Plugin (65,000 installs)

A bug in the free and paid versions of this plugin allowed hackers to register unauthorized admin accounts. This bug was patched on February 10th.

Flexible Checkout Fields for WooCommerce (20,000 installs)

A zero-day exploit in this plugin allowed attackers to inject XSS payloads, which could then be triggered in the dashboard of a logged-in administrator. Attackers used the XSS payloads to create rogue admin accounts.

Attacks began on February 26. A patch has since been issued.

ThemeREX Addons

A zero-day exploit in this plugin, that comes with all ThemeREX commercial themes, allowed attackers to create rogue admin accounts.

Attacks began on February 18. No patch has been issued for this bug, so site owners are advised to remove the plugin as soon as possible.

Async JavaScript (100K installs)

10Web Map Builder for Google Maps (20k installs)

Modern Events Calendar Lite (40k installs)

Three similar zero-day exploits were discovered in these plugins. Patches are available for each of them.

Source: ZDNetSearch Engine Journal

WordPress 5.4 Lazy-Loading to All Images

What's New, Wordpress No Comment

Source: Searchenginejournal.com

WordPress announced that WordPress 5.4 may feature image lazy-loading by default. This feature will enable the “loading” HTML attribute on all IMG elements. WordPress publishers will no longer need to use JavaScript or third party plugins for lazy-loading their images.

Lazy-loading

The lazy-loading HTML attribute tells a browser to either wait before downloading an image or to download it right away. There is no JavaScript need to accomplish this.

There are three kinds of lazy-loading attributes but only two that really matter:

  1. Lazy
  2. Eager

Lazy, which will be enabled in WordPress 5.4 by default, means to wait until the user’s browser viewport is within a certain distance before downloading the image. This behavior will speed up users’ experience on WordPress sites.

The “eager” attribute tells the browser to immediately download the image.

WordPress 5.4 Release Date

WordPress 5.4 is currently set to release on March 31, 2020. That date is subject to change depending on how ready the release is. But WordPress has been very good about meeting their deadlines.

According to the WordPress comments, the lazy-loading attributes will be implemented in a manner that makes it easy to remove them. This is important in case future browsers begin lazy-loading all images by default, without the need for a loading attribute.

Google has indicated via Web.dev that there are plans to automatically enable lazy-loading to all images when a browser in the Lite mode (formerly known as Data Saver mode).

Test Drive WordPress Lazy-Loading

The WordPress team has officially released a WordPress lazy-loading plugin designed for testing purposes. Publishers who want to test it and give feedback are welcome to download the plugin and give it a try.

Read the official WordPress announcement here:

Lazy-Loading Images in WordPress Core

Plugin flaw puts over 200,000 WordPress sites at risk of attack

What's New, Wordpress No Comment

Over 200,000 WordPress sites have been warned they may have been exposed to a bug that allows hackers to take over the website easily.

The affected sites were all found to be running an unpatched open-source plugin that puts them at risk of attack.

This high severity cross-site request forgery (CSRF) bug has impacted a plugin called Code Snippets which is used to run PHP code snippets offering a graphical user interface that looks similar to the plugins menu.

Attacked

The bug, first tracked by security firm Wordfence, allowed attackers to inject a PHP code on behalf of the administrator and execute malicious codes remotely. It also allowed hackers to create new administrator accounts, extract sensitive data, and even infect site users.

Wordfence researchers pointed out that though the developers had followed all the security measures however, the import function in the plugin had a flaw that could be easily compromised.

The vulnerability has been fixed on 25th January, a couple of days later it was reported, with the latest release of the Code Snippet plugin now version 2.14.0. Any admins running an older version of the plugin have been told they must update to the patched version.

As per a WordPress plugin download data of the latest update, approximately 58,000 users have downloaded the updated plugin while over 140,000 users are still on the older version and are vulnerable to hack.

 

Source: TechRadar

Elegant Themes Divi Theme Code Injection Vulnerability

Wordpress No Comment

Elegant Themes Divi Theme Code Injection VulnerabilityIf you are someone who is using the WordPress Divi Themes, you might want to update it right away. Just last week, Elegant Themes announced that several of their products contained a code injection vulnerability, their team discovered this during a routine code audit.

What is the vulnerability?

Code Injection, also called Remote Code Execution (RCE), is a general term for attacks that exploit poor handling of untrusted data. The code injection vulnerability can allow an attacker to install malware on a website. The Divi vulnerability allows users who are logged in to execute a small set of PHP functions. 

Who is affected?

WordPress Websites who are using Divi version 3.23 and above, Extra 2.23 and above or Divi Builder version 2.23 and above, are affected.

What is the fix?

Updating your themes and plugins will fix this problem. You can update your themes and plugins from within your WordPress dashboard, or you can download the latest versions from the members area and update them manually. 

Millions of Sites Exposed by Flaw in Jetpack WordPress Plugin

Wordpress No Comment

Admins and owners of WordPress websites are urged to immediately apply the Jetpack 7.9.1 critical security update to prevent potential attacks that could abuse a vulnerability that has existed since Jetpack 5.1.

You can update your installation to the 7.9.1 version through your dashboard, or manually download the Jetpack 7.9.1 release here.

Jetpack is an extremely popular WordPress plugin that provides free security, performance, and site management features including site backups, secure logins, malware scanning, and brute-force attack protection.

The plugin has over 5 million active installations, and it was developed and it is currently maintained by Automattic, the company behind WordPress.

Not yet exploited in the wild

The vulnerability was found in the way Jetpack processed embed code and Adham Sadaqah was the one credited for responsibly disclosing the security issue.

While not a lot of details were disclosed regarding the security flaw to protect the sites that haven’t yet updated, the announcement made by Jetpack says that the bug impacts all versions starting with the 5.1 release and going back as far as July 2017.

The Jetpack developers state that no evidence was discovered until the release of the critical Jetpack 7.9.1 security update that the vulnerability has been exploited in the wild.

Active Jetpack versions
Active Jetpack versions

“However, now that the update has been released, it is only a matter of time before someone tries to take advantage of this vulnerability,” the developers warn.

The development team also says that they worked with the WordPress.org Security Team to release patches for every version of Jetpack since 5.1 and that “most websites have been or will soon be automatically updated to a secured version.”

Millions already patched

At the moment over four million out of the more than five million WordPress websites that use Jetpack have already been updated according to its entry on the WordPress Plugins site.

“Versions released today include 5.1.1, 5.2.2, 5.3.1, 5.4.1, 5.5.2, 5.6.2, 5.7.2, 5.8.1, 5.9.1, 6.0.1, 6.1.2, 6.2.2, 6.3.4, 6.4.3, 6.5.1, 6.6.2, 6.7.1, 6.8.2, 6.9.1, 7.0.2, 7.1.2, 7.2.2, 7.3.2, 7.4.2, 7.5.4, 7.6.1, 7.7.3, 7.8.1, 7.9.1,” the Jetpack dev team says.
Jetpack downloads history
Jetpack downloads history

Jetpack received another security update to address an issue found during an internal audit of the Contact Form block in December 2018, and a critical security update patching a vulnerability in the way some Jetpack shortcodes were processed in May 2016.

Last year, hackers also found a method of installing backdoored plugins on WordPress websites using weakly protected WordPress.com accounts and the Jetpack plugin’s remote management feature.

 

Source: www.bleepingcomputer.com

Credit Skimmers Vulnerability

Developers, E-Commerce, What's New, Wordpress No Comment

We often write about malware that steal payment information from sites built with Magento and other types of e-commerce CMS.

When discussing credit card skimmers like Magecart, it’s sometimes overlooked that WordPress also has a decent share in the ecommerce segment. There are numerous popular plugins that can easily turn a WordPress site into a full-featured online store. In fact, Woocommerce alone has over 5 million installations.

Credit Card Skimmer Injected in WordPress Core

Our friend Salvador Aguilar over at Kinsta recently shared a few samples of malware found in the WordPress core files wp-includes/js/wp-util.min.js and wp-includes/js/admin-bar.min.js.

These Javascript files both contained the following injected code, found at the very top.

Magento WordPress Skimmer atob
Injected malware found in wp-includes/js/wp-util.min.js and wp-includes/js/admin-bar.min.js

This injected code is a typical credit card skimmer, with “e.src=atob” containing the encoded URL of the external script. In this case, it is decoded to “hxxps://zendesk-chart[.]com/top/aco.js”.

Common Skimmer Variants Found on Magento

We regularly find these types of injected scripts on Magento sites. They use variations of atob (base64) obfuscation, along with hundreds of different domains and customised URLs.

For example, on one Magento site we found a nearly identical copy of the skimmer script (referenced above), with only a slight variation. This variant loads the skimmer from hxxps://zendesk-chart[.]com/uk/google.js (instead of /top/aco.js), which works with the checkout form for that particular site.

Domains Used by This Malware Campaign

Zendesk-chart[.]com was created on September 13, 2019, and it is now hosted on 185.254.121.64.

A quick lookup shows that the same server in Russia hosts the following domains:

jquery-web[.]com – Creation Date: 2019-01-21
jquery-stats[.]com – Creation Date: 2019-03-30
tracker-visitors[.]com – Creation Date: 2019-04-19
jquerycodemagento[.]com – Creation Date: 2019-08-11
gooqleadvstat[.]com – Creation Date: 2019-09-13
gooqlemgrteg[.]com – Creation Date: 2019-09-13
zendesk-chart[.]com – Created on 2019-09-13
jquerystatic[.]com – Creation Date: 2019-09-13

All of these domains serve multiple versions of credit card stealers that can be found in the wild  injected into various e-commerce sites.

hxxps://jquerycodemagento[.]com/my/jd.js
hxxps://jquery-stats[.]com/u/redacted.js
hxxp:// jquery-web[.]com/wp/redacted.js
hxxps://tracker-visitors[.]com/my/jun.js
hxxps://gooqlemgrteg[.]com/ajax/jquery.js
hxxps://gooqleadvstat[.]com/ajax/maria.js
hxxps://jquerystatic[.]com/good/hard.js
…etc…

Mitigation Steps

What is evident is that this is definitely not a fully automated mass infection, where hackers have a unified solution (list of vulnerabilities and the payload) that fits all scenarios. Each script has been customized—both name and content—for each specific compromised site.

In this malware campaign, the checkout page URLs are detects for each target. From there, custom code works to collect sensitive credit card information from the victim’s checkout form.

The malware itself is CMS agnostic—it doesn’t matter whether the site is using Magento, WordPress, or any other type of e-commerce CMS. If there is a form that accepts payment details and it can be hacked, nothing prevents the bad actor from installing a skimmer there.

E-commerce website owners should take the security of their websites very seriously, since they are ultimately responsible for any customer data breaches resulting from transactions on their online stores. Extra attention should be paid to the hardening and monitoring of web pages and server resources. Perform regular security scans on your web assets to detect malware and other indicators of compromise.

Protect Your Website ASAP!

It is estimated that about a third of all websites are outdated and seriously vulnerable to hacks. What are the chances that one of those sites could be yours? Don’t wait until it’s too late, get in touch with professionals and start protecting yourself today. Consultation is always FREE.

 

OR CALL NOW
(888) 766-3315

WordPress Rank Math SEO Plugin Gets an Update

Wordpress No Comment

SEO is one the most important parts in making your website visible to the search engines. Over the years it has played a very important role in marketing and lead generation.

Most people who owns small businesses or startups often opt to install an SEO plugin in their WordPress rather than hire SEO professionals.

These plugins often do the job of improving the website’s SEO as well as attracting more visitors to the website.

 

Rank Math Dashboard (Source: Rankmath.com)

 

One of the most popular WordPress SEO plugin is Rank Math. Just recently, the developer has updated and fixed several vulnerabilities of this plugin which include allowing users to reset settings of the plugin, cross site scripting vulnerability and a security update.

1. Authenticated Settings Reset – Allows any authenticated user (with a role as low as subscriber) to reset Settings of the plugin. (Source: WPVULNDB)

2. Cross Site Scripting vulnerability

According to Post Wigger, a cross-site scripting (also known as XSS) is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application. This update was publicly published a week ago.

3. Improved sanitization throughout the plugin

According to Search Engine Journal, sanitization means an extra layer of coding that will stop an unexpected input from breaking a script and allowing an exploit.

4. Fixed an error in the contact Shortcode when the time was added in a string format

5. Fixed ‘500 error’ appearing on some installations after updating the plugin settings

More of the most recent Rank Math updates can be seen on Rank Math’s changelog.

A changelog is a record of all notable changes made to a project. Whenever there’s changes to the plugin, the Rank Math changelog will be updated as well. This is a great way to inform users of the plugin’s vulnerabilities and this promotes transparency which is very rare nowadays. Some developers just tend to hide their product’s vulnerabilities.

Why is it important to update your WordPress plugin?

Updates can seen as intimidating or like a waste of time for some people. However, it is very important to get all your plugins updated in order to get access to new features and security and bug fixes that are very important in this time where hackers and cyber criminals are more active than ever.

By not updating your plugin, it could mean a security loophole for a cyber criminal to access.

New updates can also mean increase of speed for some plug-ins and maintaining backward compatibility.

 

Best WordPress Plugins for 2017

Wordpress No Comment

WordPress plugins are used to increase the functioning of your website without knowing a single line of code. A plugin is a software with a multiplicity of features which when added to your WordPress website can increase its functionality. The WordPress plugins are usually written in PHP language which is integrated easily with WordPress. There are many plugins available on the web that can be downloaded free of cost. Here are the best WordPress plugins for 2017:

  1. WordPress SEO by Yoast

Yoast SEO plugin is an all-in-one plugin that helps you with your website optimization. It is available in the premium as well as free version. It has a meta box for setting the focus keyword, the keyword you’d like your post or page to rank for in the search results.. It enables to set the right keywords at the right places. You don’t have to set Meta description for each of your post, Yoast SEO does it for you automatically.

Yoast SEO Premium plugin has many additional benefits. Some of them are being able to pick 5 focus keywords, internal linking suggestions and many more!

  1. Backup Buddy

Backup Buddy is known to be the best, easiest and so far the most reliable WordPress plugin for data backup. It has a feature of automatic scheduling of data backup of your site. It provides cloud backup, so you need not worry about losing your website content at any point of time. Having a up-to-date backup of your WordPress websites is critical for protecting your website.

  1. W3 total cache

This WordPress plugin is meant to improve your website’s speed performance and search engine rankings. It optimizes the user’s experience and boosts the loading speed of the page. It has a feature to setup browser, content delivery system, compresses page and page caching. This enables the downloading of the page fast and improves user’s browsing experience.

  1. Gravity Forms

If you are a beginner at handling a WordPress website, then Gravity Forms is all you need. It is the easiest way to set up any online form to your WordPress site virtually. With Gravity Forms, you can instantly create and publish forms. It is the best user-friendly WordPress form plugin.

  1. Thrive Leads

Using Thrive Leads provides four major benefits. It designs and deploys every type of opt-in form you need into one plugin. It boosts the page optimization by advanced targeting. It has A/B testing engine to increase conversion rate. It also provides insight of the performance through its actionable reporting.

  1. Edit Flow

Edit Flow WordPress Plugin provides the editorial workforce structure for the sites. It features includes, custom status, editorial metadata, editorial comment, calendar, notifications etc.

  1. SumoMe

Image: Winningwp.com

SumoMe is a WordPress plugin used for growing your email list. Through this plugin, you will make it easier for your readers to join your email list and share your articles.

You will also have various options on how you choose to have the email address of your visitors, be it through a fancy lightbox pop up to build email subscriptions, a scroll box that is triggered by how far your reader makes it down the screen or a Smart Bar which is a Floating Bar that can appear at the top or bottom of your website.

  1. Google Analytics WD

This plugin enables to view the Google Analytics report within your WordPress site. It lets you schedule your email reports, handles Goals and Custom Dimensions from your site itself.

  1. WP Smush

It is a plugin which lets you optimize your images without losing their quality. It is easy to use and enables to load your website faster.  WP Smush cuts all the unnecessary data without slowing down your site.

Top WordPress Plugins of All Time

Wordpress No Comment

wordpress-plug-in

Plugins are the only way to get your WordPress more functional and appealing. Though the core components of WordPress are suited for all kinds of needs, it takes a special and extra effort to perfect the contents on the WordPress. With plugins, you can assure that your stuff looks better and is more functional than otherwise. Let us have a review on the top plugins that are available for WordPress.

Jetpack by WordPress.com

Jetpack is a complete plugin solution that gets your self-hosted WordPress site with the reserves of Cloud utilities associated with the WordPress.com options. The features are easy and comfortable to handle and do not contribute to that extra load on your server. Some of the other options and features included are Email subscriptions for the posts and comments on the blog, interlink to the social networks, forms, URL shortener, links to embed YouTube, Vimeo, Dig etc. There are featured aspects that make the experience easy and faster with effortless choices. The options are also linked to the likes of services from Google, Facebook, Twitter and more of the likes with instant access options.

Backup WordPress

One of the most resourceful plugin you cannot do without, Backup Plugin gets you the safer options all the way to update, improve or retrieve your files with ease and comfort. The plugin has been carefully designed to be used with simple options and works pretty even if you have little memory out. The additional features included in the plugin are the special inclusion for multiple schedules, email notification on your backup, Support on Linux and Windows and Language options. One of the best features of the plugin is the extensive support and service with accuracy and most of the services are spot on.

MailPoet Newsletters for WordPress

This plugin provides you an easy option to send newsletters, notifications or enable auto responders. With this plugin, you can drop your posts, social icons and picked images in your newsletter. Also, it allows you to change fonts and colors, use custom themes within an instant. The plugin also has the support subscribers. The editors included are easy to access and operate with drag and drop options. Also, the mail looks exactly the way you wanted in any of the Email clients, be it outlook or Gmail. On an overall a good tool, if you need to increase the visibility of your site!

WordPress SEO Plugin by Yoast

Yoast is one of the better SEO plugins you could have on WordPress. In fact, Yoast is far better than most of the plugins available. The free version offers keyword-based analysis that includes the options for editing titles and meta-descriptions. Also featured for editing are the canonical tagging and robots meta configuration. Yoast comes with all featured utilities that mean you do not need to search one after the other for most of the need on WordPress. The plugin is easy to access and implement with most of the options and features easily operated through the basic operation. However, there is a reasonable class in updates that gets you more options for your WordPress and hence, forms one complete pack for SEO tools perfected for WordPress.

Faster WordPress Site With Cloudways and WPMU DEV Plugins

SEO Tips, Wordpress No Comment

wordpress-pluginsI Made My WordPress Site 1311% Faster With Cloudways and WPMU DEV Plugins..

I received a 1311% speed hike by installing on my server Cloudways controlled cloud hosting in association with Hummingbird & Smush Pro plugins. Ever since Hummingbird was introduced we have compiled so many new ideas. Take a peek at the project page to discover every latest feature. Look out for Hummingbird.

You were fed into thinking that optimizing your portal for speed is vital. Ultimately 40% of persons won’t spare 3 seconds for the loading of your front page, whereas Google sets a time of 2 seconds for loading of your site, but you should actually go for 500ms for the maximum SERP ranking.

However, really attaining quick page speeds is extremely deceptive and time taking. I ponder, what the thing a render blocking resource is? (Certainly, that’s a pompous question, but do you recollect the time when you first encountered it on Google PageSpeed Insights?)

Hence, on being asked to evaluate Cloudways’ administered hosting service, I was doubtful. The reality is, I dislike writing reviews on item I don’t prefer, I simply can’t perform such a task, therefore I informed Cloudways that  if anything didn’t convince me I would let it be known to them. However, they presented me with a test account somehow…. and to my surprise…and let truth prevail, I was unbelievably thrilled when I viewed the pace at which my demo website functioned speedily after adding our Hummingbird & Smush Pro plugins to the lot.

Hence, let’s take the challenge. This is how I kick started my portal 1311% quicker employing cloud hosting with Cloudways and also our Hummingbird and WP Smush Pro plugins,- and how my web pages loaded at the bat of an eyelid (within 300 to 400 milliseconds) Continue reading

Good experience

★★★★★
5 5 1
SimplioWebStudio did a great job

Project accomplished

★★★★★
5 5 1
Project accomplished

Plugin developed successfully

★★★★★
5 5 1
Plugin developed successfully

ANOTHER SUCCESSFUL PROJECT

★★★★★
5 5 1
ANOTHER SUCCESSFUL PROJECT

Thank you Simplio team

★★★★★
5 5 1
Great experience

Working with Simplio Web Studio was a fantastic experience.

★★★★★
5 5 1
Working with Simplio Web Studio was a fantastic experience. The service provided was amazing and professional. It was a delight to work with Nir, who went the extra mile to meet our demands in a timely manner. He really made our vision a reality by creating us a classic site, but moreover the relationship we formed is something our company really appreciates. It was a pleasure working with Nir and the team at Simplio Web Studio. We highly recommend them to all and we look forward to working and doing more business with them in the future.

a great project

★★★★★
5 5 1
a great project

All the best

★★★★★
5 5 1
All the best to Simplio

My website is Live

★★★★★
5 5 1
My website is Live , thank you Simplio

From beginning to end, the team at Simplio provided top of the line customer service.

★★★★★
5 5 1
From beginning to end, the team at Simplio provided top of the line customer service. The web developers are incredible and made sure we got exactly what we were looking for! They truly went above and beyond to make us happy and we couldn’t have been more pleased with their talents. We would highly recommend them. Thanks so much Nir!

After over two years of research we chose Simplio.

★★★★★
5 5 1
After over two years of research we chose Simplio. We are so far very satisfied. These people answered the phone on a Sunday and fixed a problem that was not even their fault. It was the host company which I had chosen that had caused our site to go down.

Outstanding in both knowledge and professionalism.

★★★★★
5 5 1
Outstanding in both knowledge and professionalism. Nir and the staff at Simplio are Excellent in branding, web design and overall web presence. Definitely recommended!

I cannot even imagine having another company managing my Presta shopping cart.

★★★★★
5 5 1
They are now part of the Diastasis Rehab business team after working with them almost a year now. I cannot even imagine having another company managing my Presta shopping cart. After a bad experience with a programmer, I needed a new programmer (one that knew prestashop shopping cart) and most important one that I could trust. Finding all three was a difficult process! Lucky for me I found them. I cannot say enough about the diversity of services that this company provides. Every step of the way they make amazing suggestions to increase my sales and they get back to be right away either by email or phone. They have even created a simple and easy check out program for Presta Shop. They are actually a one stop shop! They updated my SSL, are setting up and changing my server to a dedicated one, setting up streaming of my DVD, website design, creating a specific program for address verification on Presta cart and handled the integration of Presta cart with my fulfillment house. I am now working on developing an APP with them

Simplio really helped me out of a jam.

★★★★★
5 5 1
Simplio really helped me out of a jam. They did exactly what I needed on a very tight time frame (with little notice too!!!!) They are my new go-to guys for any Prestashop needs! Thanks Simplio!

Excellent service!

★★★★★
5 5 1
Excellent service! Nir was exceptionally helpful in solving a lot of issues with our website and making the user experience more smooth. He understood the needs of our school and helped improve the website tremendously.

impressed

★★★★★
5 5 1
What impressed me most about working with Simplio was their attention to detail and excellent communication. Not only are they talented developers, but, they are also pleasant to work with and highly professional. Highly recommended!

professional service

★★★★★
5 5 1
What a profissional service Simplio offers.I hired them to rebuild my website for my business and they were creative and professional. Nir was on top of the whole project from day one, until he delivered the project on time. I will defiantly recommend Simplio to anyone who is looking for website services. From creating, designing to maintaining your image online. Good Job Nir and the rest of your group.

Great Logo

★★★★★
5 5 1
Great Logo, Very happy

fantastic to work with

★★★★★
5 5 1
Simplio was fantastic to work with. They were fast, communicative and incredibly helpful to me. I highly recommend them to anyone who needs help with their digital needs!

Awesome experience

★★★★★
5 5 1
All details and requests were met in prompt an friendly manner. Would recommend on any day to anyone who wants to feel their business is in great hands.