WordPress

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites

Vulnerabilities, vulnerability, WordPress /

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites 2024-04-03 at 16:16 By Ionut Arghire A critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information. The post Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites appeared first on SecurityWeek. This article is […]

React to this headline:

Loading spinner

Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites Read More »

Security Flaw in WP-Members Plugin Leads to Script Injection

Application Security, CVE-2024-1852, Vulnerabilities, Wordfence, WordPress, WP-Members /

Security Flaw in WP-Members Plugin Leads to Script Injection 2024-04-02 at 18:46 By Ionut Arghire A cross-site scripting vulnerability in the WP-Members Membership plugin could allow attackers to inject scripts into user profile pages. The post Security Flaw in WP-Members Plugin Leads to Script Injection appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Security Flaw in WP-Members Plugin Leads to Script Injection Read More »

Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks

Vulnerabilities, WordPress /

Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks 2024-03-11 at 17:18 By Ionut Arghire A high-severity XSS vulnerability in the Ultimate Member plugin allows attackers to inject scripts into WordPress sites. The post Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks Read More »

Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin

Incident Response, remote code execution, SQL injection, Ultimate Member, Vulnerabilities, WordPress /

Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin 2024-02-26 at 17:33 By Ionut Arghire The vulnerability carries a CVSS severity score of 9.8/10 and affects web sites running the Ultimate Member WordPress membership plugin. The post Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Critical Flaw in Popular ‘Ultimate Member’ WordPress Plugin Read More »

Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin

exploited, Vulnerabilities, WordPress /

Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin 2024-02-20 at 16:16 By Ionut Arghire Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware. The post Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin Read More »

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution

Vulnerabilities, WordPress /

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution 12/12/2023 at 17:31 By Ionut Arghire Critical remote code execution flaws in Backup Migration and Elementor plugins expose WordPress sites to attacks. The post Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution Read More »

WordPress 6.4.2 Patches Remote Code Execution Vulnerability

Vulnerabilities, WordPress /

WordPress 6.4.2 Patches Remote Code Execution Vulnerability 08/12/2023 at 18:32 By Ionut Arghire WordPress 6.4.2 patches a flaw that could be chained with another vulnerability to execute arbitrary code. The post WordPress 6.4.2 Patches Remote Code Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

WordPress 6.4.2 Patches Remote Code Execution Vulnerability Read More »

EtherHiding: Why hackers may prefer Binance’s BNB Smart Chain

BNB Chain, BSC, EtherHiding, hackers, Malware, scams, smart contracts, WordPress /

EtherHiding: Why hackers may prefer Binance’s BNB Smart Chain 20/10/2023 at 10:04 By Cointelegraph By Martin Young According to cybersecurity analysts at 0xScope and CertiK, threat actors may prefer using BNB Smart Chain contracts because it’s cheaper and seen as having lower security than Ethereum. This article is an excerpt from Cointelegraph.com News View Original

React to this headline:

Loading spinner

EtherHiding: Why hackers may prefer Binance’s BNB Smart Chain Read More »

Researchers warn of increased malware delivery via fake browser updates

consumer, Don't miss, enterprise, Hot stuff, Malware, News, Proofpoint, Sekoia.io, WordPress /

Researchers warn of increased malware delivery via fake browser updates 17/10/2023 at 13:32 By Zeljka Zorz ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish “malware delivery via fake browser updates” campaigns, Sekoia researchers have concluded. About ClearFake ClearFake

React to this headline:

Loading spinner

Researchers warn of increased malware delivery via fake browser updates Read More »

EtherHiding: Hackers create novel way to hide malicious code in blockchains

BNB Chain, BSC Chain, hackers, Malware, scams, smart contracts, WordPress /

EtherHiding: Hackers create novel way to hide malicious code in blockchains 16/10/2023 at 09:04 By Cointelegraph By Martin Young Threat actors have worked out a way to hide malicious payloads in Binance smart contracts to lure victims into updating their browsers from fake prompts, according to cybersecurity researchers. This article is an excerpt from Cointelegraph.com

React to this headline:

Loading spinner

EtherHiding: Hackers create novel way to hide malicious code in blockchains Read More »

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin

backdoor, Malware & Threats, WordPress /

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin 12/10/2023 at 17:50 By Ionut Arghire A backdoor deployed on a compromised WordPress website poses as a legitimate plugin to hide its presence. The post Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin Read More »

Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites

Malware & Threats, WordPress /

Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites 09/10/2023 at 19:16 By Eduard Kovacs Recently patched TagDiv Composer plugin vulnerability exploited to hack thousands of WordPress sites as part of the Balada Injector campaign. The post Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites appeared first on

React to this headline:

Loading spinner

Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites Read More »

Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks

Vulnerabilities, WordPress /

Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks 31/08/2023 at 18:05 By Ionut Arghire A vulnerability in the All-in-One WP Migration plugin’s extensions exposes WordPress websites to attacks leading to sensitive information disclosure. The post Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks Read More »

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites

Application Security, CVE-2023-2834, CVE-2023-2986, CVSS 9.8, Vulnerabilities, WooCommerce, WordPress /

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites 21/06/2023 at 19:14 By Ionut Arghire Two critical-severity authentication bypass vulnerabilities in WordPress plugins with tens of thousands of installations. The post Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites Read More »

WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch

Vulnerabilities, WordPress /

WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch 15/05/2023 at 17:47 By Ionut Arghire PoC exploit targeting an XSS vulnerability in the Advanced Custom Fields WordPress plugin started being used in malicious attacks two days after patch. The post WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch

React to this headline:

Loading spinner

WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch Read More »

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

Ferrari, Vulnerabilities, WordPress /

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers 12/05/2023 at 20:45 By Eduard Kovacs A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks. The post WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers Read More »

Scroll to Top