Tag: wordpress
-
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the … First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html
-
CVE-2024-1071: Ultimate Member Plugin Flaw Exposes WordPress Sites
The revelation of a critical security loophole within the widely deployed WordPress plugin, Ultimate Member, has sent shockwaves through the online co… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-1071-ultimate-member-plugin-wordpress/
-
CVE-2023-40000: LiteSpeed Plugin Flaw Exposes Millions of WordPress Sites
A concerning security vulnerability within a widely-used WordPress plugin, LiteSpeed Cache, has been detected. Tracked as CVE-2023-40000, this vulnera… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2023-40000-litespeed-plugin-wordpress/
-
Thousands of WordPress Websites Hacked with New Sign1 Malware
First seen on hackread.com Jump to article: www.hackread.com/wordpress-websites-hacked-new-sign1-malware/
-
Critical Flaw Detected in MiniOrange Plugins
Concerned about the vulnerability of WordPress plugins jeopardizing your website’s security? Did you know? Vulnerable plugins are the primary cause of… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/03/wordpress-critical-flaw-detected-in-miniorange-plugins/
-
Large-scale Sign1 malware campaign already infected 39,000+ WordPress sites
A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucur… First seen on securityaffairs.com Jump to article: securityaffairs.com/160942/hacking/sign1-malware-campaign.html
-
Sign1 Malware Hijacked 39,000 WordPress Websites
A client’s website was experiencing random pop-ups as server side scanner logs revealed a JavaScript injection related to Sign1, which is a malware ca… First seen on gbhackers.com Jump to article: gbhackers.com/sign1-malware-hijacks-wordpress-sites/
-
Evasive Sign1 malware campaign infects 39,000 WordPress sites
A previously unknown malware campaign called Sign1 has infected over 39,000 websites over the past six months, causing visitors to see unwanted redire… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/evasive-sign1-malware-campaign-infects-39-000-wordpress-sites/
-
Thousands of WordPress sites impacted by Sign1 malware campaign
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/thousands-of-wordpress-sites-impacted-by-sign1-malware-campaign
-
WordPress Plugin Flaw Exposes 40,000+ Websites to Cyber Attack
A popular WordPress plugin, Automatic (premium version), developed by ValvePress, has been found to harbor critical security vulnerabilities that put … First seen on gbhackers.com Jump to article: gbhackers.com/wordpress-plugin-flaw-2/
-
Remove WordPress miniOrange plugins, a critical flaw can allow site takeover
A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, W… First seen on securityaffairs.com Jump to article: securityaffairs.com/160674/hacking/remove-wordpress-miniorange-plugins.html
-
Discontinued WordPress Plugin Flaw Exposes Websites to Cyber Attacks
A critical vulnerability was discovered in two plugins developed by miniOrange. The affected plugins, miniOrange’s Malware Scanner and Web Application… First seen on gbhackers.com Jump to article: gbhackers.com/discontinued-wordpress-plugin-flaw/
-
Discontinued Security Plugins Expose Many WordPress Sites to Takeover
Thousands of WordPress sites are at risk of takeover due to a critical privilege escalation vulnerability in two closed MiniOrange plugins. The post s… First seen on securityweek.com Jump to article: www.securityweek.com/discontinued-security-plugins-expose-many-wordpress-sites-to-takeover/
-
5M WordPress Websites At Risk Amid LiteSpeed Plugin Flaw
A highly sensitive flaw has been identified in the LiteSpeed plugin of WordPress, which has put as many as 5 million websites at risk. Uncovered by th… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/03/5m-wordpress-websites-at-risk-amid-litespeed-plugin-flaw/
-
Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code.Accor… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html
-
Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites To Attacks
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35632/Ultimate-Member-Plugin-Flaw-Exposes-100-000-WordPress-Sites-To-Attacks.html
-
WordPress Builder Plugin Flaw Exposes 3,300+ Websites To XSS Attack
A recent surge in attacks from a new malware campaign exploits a known vulnerability in the WordPress plugin Popup Builder, infecting over 3,300 websi… First seen on gbhackers.com Jump to article: gbhackers.com/wordpress-builder-plugin-flaw/
-
Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware
Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites wi… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/
-
Hacked WordPress Sites Abusing Visitors’ Browsers for Distributed Brute-Force Attacks
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri revea… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/hacked-wordpress-sites-abusing-visitors.html
-
Hacked WordPress Sites Using Visitors’ Browsers For Distributed Brute Force Attacks
Researchers recently uncovered distributed brute force attacks on target WordPress websites using the browsers of innocent site visitors. A recent in… First seen on gbhackers.com Jump to article: gbhackers.com/hacked-wordpress-sites-browser-attacks/
-
Hacked WordPress sites use visitors’ browsers to hack other sites
Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors’ browsers to bruteforce passwords for other sites. … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacked-wordpress-sites-use-visitors-browsers-to-hack-other-sites/
-
Hackers Exploit WordPress Plugin Flaw to Deploy Godzilla Web Shell
Hackers have been found exploiting a vulnerability in a WordPress Plugin 3DPrint Lite(CVE-2021-4436) to deploy the notorious Godzilla Web Shell. This … First seen on gbhackers.com Jump to article: gbhackers.com/wordpress-plugin-godzilla/
-
WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites
A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installat… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html
-
WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk
A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their priv… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/wordpress-litespeed-plugin.html
-
Four Million WordPress Sites Vulnerable to LiteSpeed Plugin Flaw
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/4-million-wordpress-litespeed/
-
Kritische Lücke in WordPress-Plug-in Ultimate Member leakt Passwort-Hashes
First seen on heise.de Jump to article: heise.de/news/Kritische-Luecke-in-Wordpress-Plug-in-Ultimate-Member-leakt-Passwort-Hashes-9640177.html
-
WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking
A critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000 websites at risk. T… First seen on gbhackers.com Jump to article: gbhackers.com/ultimate-member-wordpress-plugin-flaw/
-
Websites Hacked Via Vuln In Bricks Builder WordPress Plugin
Tags: wordpressFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35560/Websites-Hacked-Via-Vuln-In-Bricks-Builder-WordPress-Plugin.html
-
Hackers exploit critical RCE flaw in Bricks WordPress site builder
Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-critical-rce-flaw-in-bricks-wordpress-site-builder/
-
Watching the Furby Fly (an article resurrected)
Tags: wordpress[You’ll probably see advertisements inserted by WordPress into this article. I don’t choose them or approve them in fact, I don’t normally see them … First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2024/02/watching-the-furby-fly-an-article-resurrected/