Tag: wordpress
-
Evasive Sign1 malware campaign infects 39,000 WordPress sites
by
in SecurityNewsA previously unknown malware campaign called Sign1 has infected over 39,000 websites over the past six months, causing visitors to see unwanted redire… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/evasive-sign1-malware-campaign-infects-39-000-wordpress-sites/
-
Thousands of WordPress sites impacted by Sign1 malware campaign
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/thousands-of-wordpress-sites-impacted-by-sign1-malware-campaign
-
WordPress Plugin Flaw Exposes 40,000+ Websites to Cyber Attack
by
in SecurityNewsA popular WordPress plugin, Automatic (premium version), developed by ValvePress, has been found to harbor critical security vulnerabilities that put … First seen on gbhackers.com Jump to article: gbhackers.com/wordpress-plugin-flaw-2/
-
Remove WordPress miniOrange plugins, a critical flaw can allow site takeover
by
in SecurityNewsA critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, W… First seen on securityaffairs.com Jump to article: securityaffairs.com/160674/hacking/remove-wordpress-miniorange-plugins.html
-
Discontinued WordPress Plugin Flaw Exposes Websites to Cyber Attacks
by
in SecurityNewsA critical vulnerability was discovered in two plugins developed by miniOrange. The affected plugins, miniOrange’s Malware Scanner and Web Application… First seen on gbhackers.com Jump to article: gbhackers.com/discontinued-wordpress-plugin-flaw/
-
Discontinued Security Plugins Expose Many WordPress Sites to Takeover
by
in SecurityNewsThousands of WordPress sites are at risk of takeover due to a critical privilege escalation vulnerability in two closed MiniOrange plugins. The post s… First seen on securityweek.com Jump to article: www.securityweek.com/discontinued-security-plugins-expose-many-wordpress-sites-to-takeover/
-
5M WordPress Websites At Risk Amid LiteSpeed Plugin Flaw
by
in SecurityNewsA highly sensitive flaw has been identified in the LiteSpeed plugin of WordPress, which has put as many as 5 million websites at risk. Uncovered by th… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/03/5m-wordpress-websites-at-risk-amid-litespeed-plugin-flaw/
-
Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code.Accor… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html
-
Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites To Attacks
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35632/Ultimate-Member-Plugin-Flaw-Exposes-100-000-WordPress-Sites-To-Attacks.html
-
WordPress Builder Plugin Flaw Exposes 3,300+ Websites To XSS Attack
by
in SecurityNewsA recent surge in attacks from a new malware campaign exploits a known vulnerability in the WordPress plugin Popup Builder, infecting over 3,300 websi… First seen on gbhackers.com Jump to article: gbhackers.com/wordpress-builder-plugin-flaw/
-
Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware
by
in SecurityNewsHackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites wi… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/
-
Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri revea… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/hacked-wordpress-sites-abusing-visitors.html
-
Hacked WordPress Sites Using Visitors’ Browsers For Distributed Brute Force Attacks
by
in SecurityNewsResearchers recently uncovered distributed brute force attacks on target WordPress websites using the browsers of innocent site visitors. A recent in… First seen on gbhackers.com Jump to article: gbhackers.com/hacked-wordpress-sites-browser-attacks/
-
Hacked WordPress sites use visitors’ browsers to hack other sites
by
in SecurityNewsHackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors’ browsers to bruteforce passwords for other sites. … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacked-wordpress-sites-use-visitors-browsers-to-hack-other-sites/
-
Hackers Exploit WordPress Plugin Flaw to Deploy Godzilla Web Shell
by
in SecurityNewsHackers have been found exploiting a vulnerability in a WordPress Plugin 3DPrint Lite(CVE-2021-4436) to deploy the notorious Godzilla Web Shell. This … First seen on gbhackers.com Jump to article: gbhackers.com/wordpress-plugin-godzilla/
-
WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites
by
in SecurityNewsA critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installat… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html
-
WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk
by
in SecurityNewsA security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their priv… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/wordpress-litespeed-plugin.html
-
Four Million WordPress Sites Vulnerable to LiteSpeed Plugin Flaw
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/4-million-wordpress-litespeed/
-
Kritische Lücke in WordPress-Plug-in Ultimate Member leakt Passwort-Hashes
by
in SecurityNewsFirst seen on heise.de Jump to article: heise.de/news/Kritische-Luecke-in-Wordpress-Plug-in-Ultimate-Member-leakt-Passwort-Hashes-9640177.html
-
WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking
by
in SecurityNewsA critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000 websites at risk. T… First seen on gbhackers.com Jump to article: gbhackers.com/ultimate-member-wordpress-plugin-flaw/
-
Websites Hacked Via Vuln In Bricks Builder WordPress Plugin
by
in SecurityNews
Tags: wordpressFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35560/Websites-Hacked-Via-Vuln-In-Bricks-Builder-WordPress-Plugin.html
-
Hackers exploit critical RCE flaw in Bricks WordPress site builder
by
in SecurityNewsHackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-critical-rce-flaw-in-bricks-wordpress-site-builder/
-
Watching the Furby Fly (an article resurrected)
by
in SecurityNews
Tags: wordpress[You’ll probably see advertisements inserted by WordPress into this article. I don’t choose them or approve them in fact, I don’t normally see them … First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2024/02/watching-the-furby-fly-an-article-resurrected/
-
Flaw in AI Plugin Exposes 50,000 WordPress Sites to Remote Attack
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/flaw-ai-plugin-exposes-50000-wp/
-
WordPress To Accept Bitcoin Without Confirmations
by
in SecurityNews
Tags: wordpressFirst seen on http: Jump to article: packetstormsecurity.org/news/view/21767/Wordpress-To-Accept-Bitcoin-Without-Confirmations.html
-
UNESCO Etxea website hacked by #NullCrew
by
in SecurityNewsAfter watching the data dumped on deface page including the kernel version of server and wordpress database;configuration;file we can judge that, hack… First seen on http: Jump to article: thehackernews.com/2012/11/unesco-etxea-website-hacked-by-nullcrew.html
-
Im getting paid! – Websites hosted on WordPress hacked due to users’ poor password security
by
in SecurityNewsMillions of blogs hosted on WordPress.com can breathe a sigh of relief – although a hacker did manage to break into thousands of sites and publish a m… First seen on http: Jump to article: feedproxy.google.com/~r/nakedsecurity/~3/VnKfY0DcLkg/
-
45000 WordPress blogs hacked on 2nd day of Spam campaign
by
in SecurityNewsYesterday I have reported about a huge mysterious hack in wo… First seen on http: Jump to article: thehackernews.com/2012/10/45000-wordpress-blogs-hacked-on-2nd-day.html
-
15000 WordPress blogs hacked for making money from Survey
by
in SecurityNews
Tags: wordpressWordPress Security Team is sending out warning messages to thousands of wordpress users that their;account has been compromised recently. Warning mess… First seen on http: Jump to article: thehackernews.com/2012/10/15000-wordpress-blogs-hacked-for-making.html
-
AMD-Blog nach Hackerangriff vorübergehend offline
by
in SecurityNewsEine Gruppe namens r00tbeer ist gestern offenbar in AMDs WordPress-System eingedrungen und hat die Nutzerdatenbank entwendet. Sie soll aber keine Kund… First seen on http: Jump to article: www.zdnet.de/88119466/amd-blog-nach-hackerangriff-vorubergehend-offline/