Wordpress

Tens of AccessPress WordPress themes compromised as part of a supply chain attack

Threat actors planted a backdoor into multiple WordPress themes and plugins after compromising the website of their developer. In a…

4 years ago

High-Severity flaw in 3 WordPress plugins impacts 84,000 websites

Researchers discovered a high-severity vulnerability in three different WordPress plugins that impact over 84,000 websites. Researchers from WordPress security company…

4 years ago

Crooks injects e-skimmers in random WordPress plugins of e-stores

Threat actors are injecting credit card swipers into random plugins of e-commerce WordPress sites, Sucuri researchers warn. Sucuri researchers are…

4 years ago

A flaw in WP Reset PRO WordPress plugin allows wiping the installation DB

A critical vulnerability in the WP Reset PRO WordPress plugin can allow an authenticated user to wipe the entire database…

4 years ago

New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems

A new malware written in the Golang programming language, tracked as Capoae, is targeting WordPress installs and Linux systems. Akamai researchers…

4 years ago

Blind SQL Injection flaw in WP Statistics impacted 600K+ sites

Experts discovered a Time-Based Blind SQL Injection vulnerability in the WP Statistics plugin which is installed on over 600,000 WordPress…

4 years ago

SQL injection issue in Anti-Spam WordPress Plugin exposes User Data

The ‘Spam protection, AntiSpam, FireWall by CleanTalk’ anti-spam WordPress plugin could expose sensitive user data to an unauthenticated attacker. A Time-Based…

4 years ago

Zerodium will pay $300K for WordPress RCE exploits

Zero-day broker Zerodium announced that it will triple payouts for remote code execution exploits for the popular WordPress content management system.…

5 years ago

Reflected XSS Vulnerability In “Ivory Search” WP Plugin Impact Over 60K sites

Researchers discovered a reflected XSS vulnerability in the Ivory Search WordPress Plugin installed on over 60,000 sites. On March 28,…

5 years ago

Critical flaws in NextGen Gallery WordPress plugin still impact over 500K installs

The development team behind the NextGen Gallery plugin has addressed two severe CSRF vulnerabilities that could have allowed site takeover.…

5 years ago