Tag: wordpress
-
New Wpeeper Android malware hides behind hacked WordPress sites
by
in SecurityNewsA new Android backdoor malware named ‘Wpeeper’ has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular thir… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-wpeeper-android-malware-hides-behind-hacked-wordpress-sites/
-
Hackers Exploit WP-Automatic Plugin Vulnerability, Threatening WordPress Site Security
by
in SecurityNewsFirst seen on thecyberexpress.com Jump to article: thecyberexpress.com/wp-automatic-plugin-vulnerability/
-
Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors
by
in SecurityNewsA vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites. The post ability in the WordPre… First seen on securityweek.com Jump to article: www.securityweek.com/critical-wordpress-automatic-plugin-vulnerability-exploited-to-inject-backdoors/
-
Experts warn of an ongoing malware campaign targeting WP-Automatic plugin
by
in SecurityNewsA critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites WordPress security scan… First seen on securityaffairs.com Jump to article: securityaffairs.com/162364/hacking/wordpress-automatic-critical-flaw.html
-
WP Automatic WordPress plugin hit by millions of SQL injection attacks
by
in SecurityNewsHackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/
-
Hackers try to exploit WordPress vulnerability that’s as severe as it gets
by
in SecurityNewsFirst seen on arstechnica.com Jump to article: arstechnica.com/
-
A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites
by
in SecurityNewsJapan’s CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server. Japan’s CERT warned that… First seen on securityaffairs.com Jump to article: securityaffairs.com/162113/security/forminator-wordpress-plugin-flaws.html
-
Critical Forminator plugin flaw impacts over 300k WordPress sites
by
in SecurityNewsThe Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads t… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-forminator-plugin-flaw-impacts-over-300k-wordpress-sites/
-
Schwere Sicherheitslücke in WordPress-Plugin Layerslider – SQL-Injection eröffnet Angreifer Zugang zu WordPress
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-layerslider-plugin-entdeckt-a-a2f1c11fa3a5fb78c1bd3639abea4a90/
-
5 Best CAPTCHA Plugins for WordPress Websites
by
in SecurityNewsHere’s an updated list of five effective CAPTCHA plugins for WordPress that can help enhance the security of your website by preventing spam and bot a… First seen on hackread.com Jump to article: www.hackread.com/5-best-captcha-plugins-for-wordpress-websites/
-
LayerSlider Plugin Flaw Exposes 1M Sites To SQL Injections
by
in SecurityNewsRecent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQ… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/layerslider-plugin-flaw-exposes-1m-sites-to-sql-injections/
-
The Essential Tools and Plugins for WordPress Development
by
in SecurityNewsFirst seen on hackread.com Jump to article: www.hackread.com/essential-wordpress-development-tools-plugins/
-
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
by
in SecurityNewsA critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as passw… First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/critical-security-flaw-found-in-popular.html
-
Thousands of WordPress sites injected with crypto drainers
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/thousands-of-wordpress-sites-injected-with-crypto-drainers
-
Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection
by
in SecurityNewsA researcher received a $5,500 bug bounty for discovering a vulnerability (CVE-2024-2879) in LayerSlider, a plug-in with more than a million active in… First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/critical-security-flaw-wordpress-sql-injection
-
WordPress LayerSlide Plugin Bug Risks Password Hash Extraction
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35744/WordPress-LayerSlide-Plugin-Bug-Risks-Password-Hash-Extraction.html
-
Kritische Sicherheitslücke in WordPress-Plug-in Layerslider
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Kritische-Sicherheitsluecke-in-Wordpress-Plug-in-Layerslider-9673458.html
-
Hackers deploy crypto drainers on thousands of WordPress sites
by
in SecurityNewsAlmost 2,000 hacked WordPress sites now display fake NFT and discount pop-ups to trick visitors into connecting their wallets to crypto drainers that … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-deploy-crypto-drainers-on-thousands-of-wordpress-sites/
-
WordPress LayerSlider plugin bug risks password hash extraction
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/wordpress-layerslider-plugin-bug-risks-password-hash-extraction
-
XSS flaw in WordPress WP-Members Plugin can lead to script injection
by
in SecurityNewsA cross-site scripting vulnerability (XXS) in the WordPress WP-Members Membership plugin can lead to malicious script injection. Researchers from Defi… First seen on securityaffairs.com Jump to article: securityaffairs.com/161407/hacking/wordpress-wp-members-plugin-xss.html
-
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites
by
in SecurityNewsA premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prio… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-flaw-in-layerslider-wordpress-plugin-impacts-1-million-sites/
-
Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites
by
in SecurityNewsA critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information. The post al SQL injectio… First seen on securityweek.com Jump to article: www.securityweek.com/critical-vulnerability-found-in-layerslider-plugin-installed-on-a-million-wordpress-sites/
-
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
A massive malware campaign dubbed;Sign1;has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to r… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/massive-sign1-campaign-infects-39000.html
-
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the … First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
-
CVE-2023-40000: LiteSpeed Plugin Flaw Exposes Millions of WordPress Sites
by
in SecurityNewsA concerning security vulnerability within a widely-used WordPress plugin, LiteSpeed Cache, has been detected. Tracked as CVE-2023-40000, this vulnera… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2023-40000-litespeed-plugin-wordpress/
-
CVE-2024-1071: Ultimate Member Plugin Flaw Exposes WordPress Sites
by
in SecurityNewsThe revelation of a critical security loophole within the widely deployed WordPress plugin, Ultimate Member, has sent shockwaves through the online co… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-1071-ultimate-member-plugin-wordpress/
-
Thousands of WordPress Websites Hacked with New Sign1 Malware
by
in SecurityNewsFirst seen on hackread.com Jump to article: www.hackread.com/wordpress-websites-hacked-new-sign1-malware/
-
Critical Flaw Detected in MiniOrange Plugins
by
in SecurityNewsConcerned about the vulnerability of WordPress plugins jeopardizing your website’s security? Did you know? Vulnerable plugins are the primary cause of… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/03/wordpress-critical-flaw-detected-in-miniorange-plugins/
-
Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites
by
in SecurityNewsA large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucur… First seen on securityaffairs.com Jump to article: securityaffairs.com/160942/hacking/sign1-malware-campaign.html
-
Sign1 Malware Hijacked 39,000 WordPress Websites
by
in SecurityNewsA client’s website was experiencing random pop-ups as server side scanner logs revealed a JavaScript injection related to Sign1, which is a malware ca… First seen on gbhackers.com Jump to article: gbhackers.com/sign1-malware-hijacks-wordpress-sites/