Tag: wordpress
-
WPForms-Plug-in reißt Sicherheitsleck in 6 Millionen Webseiten
by
in SecurityNews
Tags: wordpressIm WordPress-Plug-in WPForms können Angreifer eine Lücke missbrauchen, um etwa Zahlungen rückabzuwickeln. Sechs Millionen Webseiten nutzen das Plug-in. First seen on heise.de Jump to article: www.heise.de/news/Wordpress-WPForms-Plug-in-reisst-Sicherheitsleck-in-6-Millionen-Webseiten-10193387.html
-
Über 200.000 Seiten betroffen: Dieses WordPress-Plugin hat kritische Sicherheitslücken
by
in SecurityNews
Tags: wordpressFirst seen on t3n.de Jump to article: t3n.de/news/20000-seiten-wordpress-sicherheitsgefahrt-1660835/
-
Sicherheitsgefahr bei WordPress: Beliebtes AntiPlugin entpuppt sich als Einfallstor für Hacker
by
in SecurityNewsFirst seen on t3n.de Jump to article: t3n.de/news/wordpress-gefahrt-plugin-anti-spam-cleantalk-1660835/
-
WordPress-Websites im Visier einer neuen FakeUpdates-Kampagne
by
in SecurityNewsFakeUpdates, auch bekannt als SocGholish, ist seit mindestens 2017 aktiv und verwendet JavaScript-Malware, um Websites anzugreifen, insbesondere solch… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wordpress-websites-im-visier-einer-neuen-fakeupdates-kampagne/a36764/
-
Hacker bekommen vollen Website-Zugriff: Beliebtes WordPress-Plugin hat gefährliche Schwachstellen
by
in SecurityNewsFirst seen on t3n.de Jump to article: t3n.de/news/hacker-wordpress-plugin-schwachstelle-1660835/
-
Sicherheitslücke bei WordPress: Millionen Webseiten betroffen
by
in SecurityNewsSicherheitsforscher haben eine neue Sicherheitslücke in einem WordPress-Plugin gefunden und ihre Erkenntnisse veröffentlicht. Jetzt suchen Hacker nach… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/sicherheitslucke-bei-wordpress-millionen-webseiten-betroffen
-
WordPress Plug-in loggt Passwörter im Klartext
by
in SecurityNewsDas All-In-One Security (AIOS) WordPress Plug-in kommt in mehr als einer Million Webseiten zum Einsatz. Jetzt zeigt sich, dass das Plug-in Nutzerpassw… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/wordpress-plug-in-loggt-passworter-im-klartext
-
WordPress-Hoster Kinsta von Phishing-Anzeigen geplagt
by
in SecurityNewsDer WordPress-Hosting-Anbieter Kinsta warnt seine Kunden vor Google-Anzeigen, die für Phishing-Seiten werben, über die Anmeldedaten für MyKinsta gesto… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/wordpress-hoster-kinsta-von-phishing-anzeigen-geplagt
-
Sicherheitslücke in WordPress-Plugin bedroht mehr als 300.000 Webseiten
by
in SecurityNewsDas WordPress-Plugin Forminator, das auf über 500.000 Webseiten zu finden ist, hat eine Schwachstelle, die es Angreifern erlaubt, unbeschränkte Datei-… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/sicherheitslucke-in-wordpress-plugin-bedroht-mehr-als-300-000-webseiten
-
WordPress erhöht ab Oktober die Sicherheit
by
in SecurityNewsWordPress soll sicherer werden. Daher müssen Plug-in- und Theme-Autoren ab Oktober die Zwei-Faktor-Authentifizierung (2FA) und die Verwendung von Subv… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/wordpress-erhoht-ab-oktober-die-sicherheit
-
Widespread WordPress compromise possible with critical plugin flaws
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/widespread-wordpress-compromise-possible-with-critical-plugin-flaws
-
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
by
in SecurityNewsTwo critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution.The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in…
-
200,000 WordPress Sites Exposed to Cyber Attack, Following Plugin Vulnerability
by
in SecurityNewsA critical security vulnerability has been discovered in the popular WordPress plugin Anti-Spam by CleanTalk, which is installed on over 200,000 websites. The vulnerability, which includes two distinct flaws (CVE-2024-10542 and CVE-2024-10781), could allow attackers to install and activate arbitrary plugins on affected websites, potentially leading to remote code execution and full site compromise. Website owners…
-
Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites
by
in SecurityNewsTwo vulnerabilities in the Anti-Spam by CleanTalk WordPress plugin allowed attackers to execute arbitrary code remotely. The post Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-vulnerabilities-found-in-anti-spam-plugin-used-by-200000-wordpress-sites/
-
WordPress-Plug-in Anti-Spam by Cleantalk gefährdet 200.000 Seiten
by
in SecurityNewsIm WordPress-Plug-in Anti-Spam by Cleantalk klaffen gleich zwei Sicherheitslücken, durch die nicht authentifizierte Angreifern Instanzen kompromittieren können. First seen on heise.de Jump to article: www.heise.de/news/Wordpress-Plug-in-Anti-Spam-by-Cleantalk-gefaehrdet-200-000-Seiten-10175993.html
-
WordPress forces user conf organizers to share social media credentials, arousing suspicions
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/10/28/wordcamp_password_sharing_requirement/
-
WordPress Plug-In Vulnerability Threatens 4 Million Sites
by
in SecurityNewsCritical Authentication Flaw Impacts Both Free and Pro Users. A widely deployed five-in-one security plug-in for WordPress websites contained a flaw that hackers could automate into a large-scale takeover campaign. The critical authentication bypass vulnerability takes advantage of a now-patched flaw in the Really Simple Security plug-in. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/wordpress-plug-in-vulnerability-threatens-4-million-sites-a-26843
-
Smashing Security podcast #389: WordPress vs WP Engine, and the Internet Archive is down
by
in SecurityNewsWordPress’s emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance…. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-389/
-
Millions of WordPress sites potentially hijackable due to critical plugin bug
by
in SecurityNews
Tags: wordpressFirst seen on scworld.com Jump to article: www.scworld.com/brief/millions-of-wordpress-sites-potentially-hijackable-due-to-critical-plugin-bug
-
WordPress Plugin Vulnerability Threatens 4 Million Sites
by
in SecurityNewsCritical Authentication Flaw Impacts Both Free and Pro Users. A widely deployed five-in-one security plugin for WordPress websites contained a flaw that hackers could automate into a large-scale takeover campaign. The critical authentication bypass vulnerability takes advantage of a now-patched flaw in the Really Simple Security plugin. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/wordpress-plugin-vulnerability-threatens-4-million-sites-a-26843
-
Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover
by
in SecurityNewsA vulnerability found in the Really Simple Security plug-in allows an attacker to remotely gain access to any account on an affected website, including the administrator, when 2FA is enabled. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/critical-wordpress-plugin-flaw-4m-sites-takeover
-
Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites
by
in SecurityNewsA Really Simple Security plugin flaw affects 4M+ sites, allowing attackers full admin access. It’s one of the most critical WordPress vulnerabilities ever. Wordfence researchers warn of a vulnerability, tracked as CVE-2024-10924 (CVSS Score of 9.8), in the Really Simple Security plugin that affects 4M+ sites. The Really Simple Security plugin, formerly Really Simple SSL, is…
-
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
by
in SecurityNewsA critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site.The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The…
-
Security plugin flaw in millions of WordPress sites gives admin access
by
in SecurityNewsA critical authentication bypass vulnerability has been discovered impacting the WordPress plugin ‘Really Simple Security’ (formerly ‘Really Simple SSL’), including both free and Pro versions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/security-plugin-flaw-in-millions-of-wordpress-sites-gives-admin-access/
-
WordPress-Plug-in Really Simple Security gefährdet 4 Millionen Websites
by
in SecurityNews
Tags: wordpressRund vier Millionen WordPress-Seiten nutzen das Plug-in Really Simple Security. Angreifer aus dem Netz können sie kompromittieren. First seen on heise.de Jump to article: www.heise.de/news/Wordpress-Plug-in-Really-Simple-Security-gefaehrdet-4-Millionen-Websites-10038111.html
-
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover
by
in SecurityNewsOver 4 million WordPress websites were impacted by a critical Really Simple Security plugin vulnerability providing full administrative access. The post Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-plugin-flaw-exposed-4-million-wordpress-websites-to-takeover/
-
RCE intrusions likely with critical WPLMS WordPress theme issue
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/rce-intrusions-likely-with-critical-wplms-wordpress-theme-issue
-
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites
by
in SecurityNewsA high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to eleva… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html
-
Video: Top Cybersecurity Threats That You Need to Fix
by
in SecurityNewsStay informed about critical security issues. We cover a WordPress vulnerability, the need to update Chrome, and more. Protect your online presence, watch now. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/video/top-security-threats-2024/