Tag: wordpress
-
Compromised plugins found on WordPress.org
by
in SecurityNewsAn unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effec… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/26/compromised-plugins-wordpress/
-
New Caesar Cipher Skimmer targets popular CMS used by e-stores
by
in SecurityNews
Tags: wordpressA new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discov… First seen on securityaffairs.com Jump to article: securityaffairs.com/164937/malware/caesar-cipher-skimmer-targets-popolar-cms-used-by-e-stores.html
-
Several Plugins Compromised in WordPress Supply Chain Attack
by
in SecurityNewsFive WordPress plugins were injected with malicious code that creates a new administrative account. The post dPress plugins were injected with malicio… First seen on securityweek.com Jump to article: www.securityweek.com/several-plugins-compromised-in-wordpress-supply-chain-attack/
-
Hackers Exploit Multiple WordPress Plugins to Hack Websites Create Rogue Admin Accounts
by
in SecurityNewsWordfence Threat Intelligence team identified a significant security breach involving multiple WordPress plugins. The initial discovery was made when … First seen on gbhackers.com Jump to article: gbhackers.com/hackers-exploit-multiple-wordpress/
-
WordPress Plugins Hit by Supply Chain Attack: Update Now!
by
in SecurityNewsA new supply chain attack has impacted several plugins hosted on WordPress.org. This WordPress vulnerability, discovered on June 24th, 2024, by the Wo… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/wordpress-supply-chain-attack/
-
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
by
in SecurityNewsCybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/researchers-uncover-active-exploitation.html
-
Understanding the RCE Vulnerabilities in WordPress Plugins
by
in SecurityNewsImagine handing over the controls of your website to someone you don’t trust that’s the risk of RCE vulnerabilities in WordPress. Attackers can modi… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/understanding-the-rce-vulnerabilities-in-wordpress-plugins/
-
Popular WordPress Plugins Leave Millions Open to Backdoor Attacks
by
in SecurityNewsFirst seen on hackread.com Jump to article: hackread.com/popular-wordpress-plugins-backdoor-attack/
-
WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites
by
in SecurityNewsUnknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of har… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html
-
Critical wpDataTables Vulnerability Let Attackers Perform SQL Injection
by
in SecurityNewsA critical security vulnerability has been discovered in the wpDataTables WordPress Data Table, Dynamic Tables & Table Charts Plugin, a popular pl… First seen on gbhackers.com Jump to article: gbhackers.com/critical-wpdatatables-vulnerability/
-
XSS Vulnerabilities Found in WordPress Plugin Slider Revolution
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/xss-flaws-wordpress-plugin-slider/
-
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins
by
in SecurityNews
Tags: wordpressFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/nearly-6m-wordpress-sites-may-be-affected-by-bugs-in-3-plug-ins
-
Hackers Exploiting Stored XSS Vulnerabilities in WordPress Plugins
by
in SecurityNewsIn recent cyberattacks, hackers are actively exploiting stored cross-site scripting (XSS) vulnerabilities in various WordPress plugins. According to F… First seen on gbhackers.com Jump to article: gbhackers.com/exploiting-stored-xss-vulnerabilities/
-
Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors
Malicious campaign exploits high-severity XSS flaws in three WordPress plugins to backdoor websites. The post s campaign exploits high-severity XSS fl… First seen on securityweek.com Jump to article: www.securityweek.com/critical-wordpress-plugin-flaws-exploited-to-inject-malicious-scripts-and-backdoors/
-
WordPress plugin leveraged to facilitate credit card data theft
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/wordpress-plugin-leveraged-to-facilitate-credit-card-data-theft
-
WordPress Plugin abused to install e-skimmers in e-commerce sites
by
in SecurityNewsThreat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observ… First seen on securityaffairs.com Jump to article: securityaffairs.com/163777/malware/wordpress-plugin-insert-e-skimmer.html
-
Hackers Exploit WordPress Plugin to Steal Credit Card Data
by
in SecurityNewsHackers have exploited an obscure WordPress plugin to inject malware into websites, specifically targeting WooCommerce online stores to steal credit c… First seen on gbhackers.com Jump to article: gbhackers.com/hackers-exploit-wordpress/
-
SingCERT Warns Critical Vulnerabilities Found in Multiple WordPress Plugins
by
in SecurityNewsThe Cyber Security Agency of Singapore has issued a critical alert concerning vulnerabilities in several WordPress plugins, highlighting the urgency f… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/wordpress-plugin-vulnerabilities/
-
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets
by
in SecurityNewsFirst seen on arstechnica.com Jump to article: arstechnica.com/
-
LiteSpeed Cache Bug Exploit For Control Of WordPress Sites
by
in SecurityNewsIn recent developments concerning WordPress security, a significant vulnerability has come to light in the widely used LiteSpeed Cache plugin. This Li… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/litespeed-cache-bug-exploit-for-control-of-wordpress-sites/
-
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites
A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/hackers-exploiting-litespeed-cache-bug.html
-
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
by
in SecurityNewsCybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays … First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/android-malware-wpeeper-uses.html
-
LiteSpeed Cache Plugin XSS Vulnerability Affects 1.8M WordPress Sites
by
in SecurityNewsIs your WordPress site using LiteSpeed Cache? A recent surge in malicious JavaScript injections targets vulnerable versions. Learn how to identify the… First seen on hackread.com Jump to article: www.hackread.com/litespeed-cache-plugin-xss-vulnerability-wordpress-sites/
-
LiteSpeed Cache WordPress plugin actively exploited in the wild
by
in SecurityNewsThreat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites. WPScan researchers repo… First seen on securityaffairs.com Jump to article: securityaffairs.com/162876/hacking/litespeed-cache-wordpress-pluging-bug.html
-
WordPress sites targeted for hijacking with LiteSpeed Cache plugin flaw
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/wordpress-sites-targeted-for-hijacking-with-litespeed-cache-plugin-flaw
-
Hackers exploit LiteSpeed Cache flaw to create WordPress admins
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of t… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-litespeed-cache-flaw-to-create-wordpress-admins/
-
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
Threat actors are attempting to actively exploit a critical security flaw in the WP‘Automatic plugin for WordPress that could allow site takeovers.The… First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html
-
Tracking CVE-2024-2876: Why does the latest WordPress exploit compromise over 90,000 websites?
A highly concerning security loophole was recently discovered in a WordPress plugin called Email Subscribers by Icegram Express, a popular tool utiliz… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/tracking-cve-2024-2876-why-does-the-latest-wordpress-exploit-compromise-over-90000-websites/
-
Mal.Metrica Malware Hijacks 17,000+ WordPress Sites
by
in SecurityNewsInfected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past… First seen on gbhackers.com Jump to article: gbhackers.com/malmetrica-malware-hijacks-wordpress-sites/
-
Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield CommandControl Server
by
in SecurityNewsThe new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal. The post Wpeeper Android trojan ceased operations… First seen on securityweek.com Jump to article: www.securityweek.com/wpeeper-android-trojan-uses-compromised-wordpress-sites-to-shield-command-and-control-server/