Wordpress Archives - Page 2 of 16

Pierluigi Paganini April 26, 2024

Experts warn of an ongoing malware campaign targeting WP-Automatic plugin

A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites WordPress security scanner WPScan warns that threat actors are exploiting a critical SQL injection vulnerability in the plugin WordPress Automatic to inject malware into websites. The premium plugin “Automatic” developed by ValvePress enables users to automatically […]

Pierluigi Paganini April 02, 2024

XSS flaw in WordPress WP-Members Plugin can lead to script injection

A cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin can lead to malicious script injection. Researchers from Defiant’s Wordfence research team disclosed a cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin that can lead to malicious script injection. The Unauthenticated Stored Cross-Site Scripting vulnerability was reported to Wordfence by the WordPress […]

Pierluigi Paganini March 23, 2024

Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months. The experts discovered that threat actors compromised the websites implanting malicious JavaScript injections that […]

Pierluigi Paganini March 18, 2024

Remove WordPress miniOrange plugins, a critical flaw can allow site takeover

A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a submission for a Privilege Escalation vulnerability in miniOrange’s Malware Scanner as part of the company Bug Bounty initiative Extravaganza. This WordPress plugin has more than 10,000+ active installations. The […]

Pierluigi Paganini February 27, 2024

XSS flaw in LiteSpeed Cache plugin exposes millions of WordPress sites at risk

Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerability, tracked as CVE-2023-40000, that impacts the LiteSpeed Cache plugin for WordPress. The plugin LiteSpeed Cache (free version) is a popular caching plugin in WordPress which has over 4 million active installations. An unauthenticated […]

Pierluigi Paganini December 10, 2023

WordPress 6.4.2 fixed a Remote Code Execution (RCE) flaw

WordPress 6.4.2 addressed a security vulnerability that could be chained with another flaw to achieve remote code execution. WordPress released a security update to address a flaw that can be chained with another issue to gain remote code execution. According to the advisory, the RCE flaw is not directly exploitable in the core, however, threat […]

Pierluigi Paganini October 13, 2023

More than 17,000 WordPress websites infected with the Balada Injector in September

In September more than 17,000 WordPress websites have been compromised by the Balada Injector malware. Sucuri researchers reported that more than 17,000 WordPress websites have been compromised in September with the Balada Injector. The researchers noticed that the number of Balada Injector infections has doubled compared with August. The Balada injector is a malware family that […]

Pierluigi Paganini August 09, 2023

Balada Injector still at large – new domains discovered

The Balada Injector is still at large and still evading security software by utilizing new domain names and using new obfuscation. During a routine web monitoring operation, we discovered an address that led us down a rabbit hole of WordPress-orientated “hack waves” caused by the Balada Injector malware. This evidence suggests that the malware is […]

Pierluigi Paganini July 31, 2023

Three flaws in Ninja Forms plugin for WordPress impact 900K sites

Experts warn of vulnerabilities impacting the Ninja Forms plugin for WordPress that could be exploited for escalating privileges and data theft. The Ninja Forms plugin for WordPress is affected by multiple vulnerabilities (tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393) that can be exploited by threat actors to escalate privileges and steal sensitive data. The WordPress plugin Ninja […]

Pierluigi Paganini July 18, 2023

Hacking campaign targets sites using WordPress WooCommerce Payments Plugin

Threat actors are actively exploiting a critical flaw, tracked as CVE-2023-28121, in the WooCommerce Payments WordPress plugin. Threat actors are actively exploiting a recently disclosed critical vulnerability, tracked as CVE-2023-28121 (CVSS score: 9.8), in the WooCommerce Payments WordPress plugin. The flaw is an authentication bypass issue that can be exploited by an unauthenticated attacker to impersonate arbitrary […]

Wordpress

Experts warn of an ongoing malware campaign targeting WP-Automatic plugin

XSS flaw in WordPress WP-Members Plugin can lead to script injection

Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites

Remove WordPress miniOrange plugins, a critical flaw can allow site takeover

XSS flaw in LiteSpeed Cache plugin exposes millions of WordPress sites at risk

WordPress 6.4.2 fixed a Remote Code Execution (RCE) flaw

More than 17,000 WordPress websites infected with the Balada Injector in September

Balada Injector still at large – new domains discovered

Three flaws in Ninja Forms plugin for WordPress impact 900K sites

Hacking campaign targets sites using WordPress WooCommerce Payments Plugin

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

ShadowLeak: Radware Uncovers Zero-Click Attack on ChatGPT

SonicWall warns customers to reset credentials after MySonicWall backups were exposed

CVE-2025-10585 is the sixth actively exploited Chrome zero-day patched by Google in 2025

Jaguar Land Rover will extend its production halt into a third week following a cyberattack

China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy

QUICK LINKS

Wordpress

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!