Tag: wordpress

Critical WordPress Plugin Bugs Exploited En Masse

Oct 27, 2025 12:26 PM

Tags: exploit, threat, vulnerability, wordpress

Wordfence says threat actors are trying to exploit three critical vulnerabilities from 2024 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/critical-wordpress-plugin-bugs/
Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws

Oct 27, 2025 10:26 AM

Tags: attack, exploit, flaw, hacker, rce, remote-code-execution, vulnerability, wordpress

Hackers exploited old RCE flaws in WordPress GutenKit and Hunk Companion plugins. Wordfence firm blocked 8.7M attacks in two days. In September and October 2024, submissions revealed Arbitrary Plugin Installation vulnerabilities in GutenKit and Hunk Companion WordPress plugins, with 40,000 and 8,000+ installs, respectively. These flaws allow unauthenticated attackers to install plugins and achieve RCE.…
Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws

Oct 27, 2025 10:26 AM

Tags: attack, exploit, flaw, hacker, rce, remote-code-execution, vulnerability, wordpress

Hackers exploited old RCE flaws in WordPress GutenKit and Hunk Companion plugins. Wordfence firm blocked 8.7M attacks in two days. In September and October 2024, submissions revealed Arbitrary Plugin Installation vulnerabilities in GutenKit and Hunk Companion WordPress plugins, with 40,000 and 8,000+ installs, respectively. These flaws allow unauthenticated attackers to install plugins and achieve RCE.…
Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild

Oct 25, 2025 8:26 PM

Tags: control, cyber, cybersecurity, exploit, flaw, hacker, malicious, software, vulnerability, wordpress

Cybersecurity firm Wordfence has uncovered a renewed wave of mass exploitation targeting critical vulnerabilities in two popular WordPress plugins, allowing unauthenticated attackers to install malicious software and potentially seize control of websites. The flaws, first disclosed in late 2024, affect GutenKit and Hunk Companion plugins, which boast over 40,000 and 8,000 active installations respectively. Despite…
Hackers launch mass attacks exploiting outdated WordPress plugins

Oct 24, 2025 10:26 PM

Tags: attack, exploit, hacker, remote-code-execution, vulnerability, wordpress

A widespread exploitation campaign is targeting WordPress websites with GutenKit and Hunk Companion plugins vulnerable to critical-severity, old security issues that can be used to achieve remote code execution (RCE). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-launch-mass-attacks-exploiting-outdated-wordpress-plugins/
Kritische Sicherheitslücke in WordPress-Theme ‘Service Finder<<

Oct 18, 2025 6:07 AM

Tags: bug, cve, service, vulnerability, wordpress

Eine schwere Sicherheitslücke im WordPress-Theme ‘Service Finder” und dem zugehörigen Plugin ‘Bookings” wird derzeit aktiv von Angreifern ausgenutzt. Die als CVE-2025-5947 katalogisierte Schwachstelle ermöglicht es Unbefugten, sich ohne gültige Zugangsdaten als Administrator anzumelden und die vollständige Kontrolle über betroffene Websites zu übernehmen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cloud-security/service-finder-sicherheitsluecke
North Korean threat actors turn blockchains into malware delivery servers

Oct 18, 2025 12:07 AM

Tags: api, apt, attack, backdoor, blockchain, browser, chrome, crypto, cybercrime, cyberespionage, data, framework, google, group, infection, jobs, korea, linkedin, malicious, malware, north-korea, service, social-engineering, software, threat, update, windows, wordpress

Used in North Korean fake recruitment campaigns: As opposed to other nation-state actors, North Korean APT groups are known to conduct cybercriminal activity in addition to cyberespionage, because their goal includes gathering funds for the regime.One way they do this is by stealing cryptocurrency from companies and individuals. Between 2017 and 2023, it is estimated…
North Korean threat actors turn blockchains into malware delivery servers

Oct 18, 2025 12:07 AM

Tags: api, apt, attack, backdoor, blockchain, browser, chrome, crypto, cybercrime, cyberespionage, data, framework, google, group, infection, jobs, korea, linkedin, malicious, malware, north-korea, service, social-engineering, software, threat, update, windows, wordpress

Used in North Korean fake recruitment campaigns: As opposed to other nation-state actors, North Korean APT groups are known to conduct cybercriminal activity in addition to cyberespionage, because their goal includes gathering funds for the regime.One way they do this is by stealing cryptocurrency from companies and individuals. Between 2017 and 2023, it is estimated…
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

Oct 16, 2025 6:07 PM

Tags: apple, blockchain, hacker, macOS, malware, threat, windows, wordpress

A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems.”UNC5142 is characterized by its use of compromised WordPress websites and ‘EtherHiding,’ a technique used…
Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

Oct 15, 2025 5:55 PM

Tags: access, data-breach, flaw, unauthorized, wordpress

A flaw in the Slider Revolution plugin has exposed millions of WordPress sites to unauthorized file access First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/flaw-slider-revolution-plugin/
Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

Oct 15, 2025 5:55 PM

Tags: access, data-breach, flaw, unauthorized, wordpress

A flaw in the Slider Revolution plugin has exposed millions of WordPress sites to unauthorized file access First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/flaw-slider-revolution-plugin/
Critical WordPress Plugin Vulnerability Allows Admin Account Takeover

Oct 10, 2025 11:23 PM

Tags: control, flaw, vulnerability, wordpress

Critical WordPress flaw lets attackers gain admin control, stressing the need for fast patching. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-wordpress-plugin-vulnerability-allows-admin-account-takeover/
Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit

Oct 10, 2025 6:23 PM

Tags: authentication, exploit, flaw, service, update, wordpress

An Authentication Bypass (CVE-2025-5947) in Service Finder Bookings plugin allows any unauthenticated attacker to log in as an administrator. Over 13,800 exploit attempts detected. Update to v6.1 immediately. First seen on hackread.com Jump to article: hackread.com/auth-bypass-service-finder-wordpress-plugin-exploit/
CVE-2025-5947: WordPress Plugin flaw lets hackers access Admin accounts

Oct 9, 2025 5:23 PM

Tags: access, authentication, cve, exploit, flaw, hacker, service, threat, vulnerability, wordpress

Threat actors are exploiting a critical flaw, tracked as CVE-2025-5947, in the Service Finder WordPress theme’s Bookings plugin. Threat actors are exploiting a critical vulnerability, tracked as CVE-2025-5947 (CVSS score 9.8), in the Service Finder WordPress theme’s Bookings plugin. The plugin (versions â‰¤6.0) has an authentication bypass issue allowing attackers to log in as any…
Hackers Targeting WordPress Plugin Vulnerability to Seize Admin Access

Oct 9, 2025 12:23 PM

Tags: access, authentication, cyber, exploit, firewall, hacker, service, vulnerability, wordpress

A critical authentication bypass in the Service Finder Bookings plugin has enabled unauthenticated attackers to assume administrator privileges on thousands of WordPress sites. Exploitation began within 24 hours of public disclosure, and over 13,800 exploit attempts have been blocked by the Wordfence Firewall to date. On June 8, 2025, a submission to the Wordfence Bug…
Hackers Targeting WordPress Plugin Vulnerability to Seize Admin Access

Oct 9, 2025 12:23 PM

Tags: access, authentication, cyber, exploit, firewall, hacker, service, vulnerability, wordpress

A critical authentication bypass in the Service Finder Bookings plugin has enabled unauthenticated attackers to assume administrator privileges on thousands of WordPress sites. Exploitation began within 24 hours of public disclosure, and over 13,800 exploit attempts have been blocked by the Wordfence Firewall to date. On June 8, 2025, a submission to the Wordfence Bug…
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Oct 9, 2025 10:23 AM

Tags: access, authentication, control, cve, exploit, flaw, hacker, service, threat, unauthorized, vulnerability, wordpress

Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites.The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a WordPress plugin bundled with the First…
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Oct 8, 2025 7:58 PM

Tags: attack, cybersecurity, exploit, hacker, injection, malicious, malware, phishing, wordpress

Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites.”Site visitors get injected content that was drive-by malware like fake Cloudflare verification,” Sucuri researcher Puja Srivastava said in an analysis published last week.The website security company First seen on…
Hackers exploit auth bypass in Service Finder WordPress theme

Oct 8, 2025 6:58 PM

Tags: authentication, exploit, hacker, service, threat, vulnerability, wordpress

Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-in-service-finder-wordpress-theme/
Hackers Exploit WordPress Sites by Silently Injecting Malicious PHP Code

Oct 6, 2025 11:35 AM

Tags: attack, breach, cyber, cybercrime, exploit, hacker, injection, malicious, unauthorized, wordpress

Cybercriminals have ramped up attacks on WordPress websites by stealthily modifying theme files to serve unauthorized third-party scripts. This campaign leverages subtle PHP injections in the active theme’s functions.php to fetch external code, effectively turning compromised sites into silent distributors of malicious ads and malware. The breach came to light when the site owner noticed…
Detour Dog und die DNS-TXT-Kommunikation eine neue Dimension der Malware-Verteilung

Oct 4, 2025 12:35 PM

Tags: dns, malware, wordpress

Die Malware-Kampagne von Detour Dog ist schon lange aktiv. In WordPress-Blogs bettete man dafür ein ausgeklügeltes JavaScript ein. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/detour-dog-und-die-dns-txt-kommunikation-eine-neue-dimension-der-malware-verteilung-321394.html
New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms

Sep 26, 2025 1:08 PM

Tags: attack, botnet, control, credentials, cve, cyber, data-breach, exploit, iot, linux, router, service, threat, wordpress

CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks against SOHO routers, embedded Linux devices, and enterprise applications. The threat actors exploit unsanitized POST parameters”, such as NTP, syslog, and hostname fields”, alongside default credentials and known CVEs in WebLogic, WordPress, and vBulletin systems…
Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin Access

Sep 25, 2025 10:49 AM

Tags: access, backdoor, cyber, hacker, malware, tactics, wordpress

Attackers have stepped up their tactics by deploying stealthy backdoors disguised as legitimate WordPress components, ensuring persistent administrative access even after other malware is discovered and removed. Their deceptive appearances belied their dangerous functions: one impersonated a plugin, the other camouflaged itself as a core file. Together, they formed a resilient system that gave hackers…
WordPress Plugin Vulnerability Let Attackers Bypass Authentication via Social Login

Sep 16, 2025 2:16 PM

Tags: authentication, cyber, exploit, intelligence, login, update, vulnerability, wordpress

A critical vulnerability in the Case Theme User plugin for WordPress allows unauthenticated attackers to hijack any account on vulnerable sites, including administrative accounts, by exploiting the social login feature. Site owners are urged to update immediately. On May 31, 2025, Wordfence Intelligence received a report of an Authentication Bypass via Social Login vulnerability in…
Survey Surfaces Raft of WordPress Cybersecurity Concerns

Sep 3, 2025 8:20 PM

Tags: cybersecurity, wordpress

A survey of 264 professionals that maintain websites based on the WordPress content management system (CMS) finds 96% have been impacted by at least one security incident/event, with just under two-thirds of those respondents (64%) having suffered a full breach. Conducted by Melapress, a provider of cybersecurity plug-ins for WordPress sites, the survey also finds..…
WordPress Woes Continue Amid ClickFix Attacks, TDS Threats

Sep 2, 2025 11:20 PM

Tags: attack, cyber, malicious, threat, vulnerability, wordpress

Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/wordpress-woes-clickfix-attacks-tds-threats
High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

Sep 1, 2025 5:19 PM

Tags: flaw, injection, risk, sql, vulnerability, wordpress

A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sqli-threat-wordpress-memberships/
ShadowCaptcha Exploit: Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims

Aug 27, 2025 12:23 PM

Tags: captcha, cyber, cybercrime, cybersecurity, exploit, google, malicious, service, wordpress

A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying deceptive CAPTCHA interfaces mimicking legitimate services like Cloudflare or Google to manipulate users into running malicious commands. The operation, traced through compromised WordPress websites, represents a sophisticated blend of social…
ShadowCaptcha Exploit: Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims

Aug 27, 2025 12:23 PM

Tags: captcha, cyber, cybercrime, cybersecurity, exploit, google, malicious, service, wordpress

A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying deceptive CAPTCHA interfaces mimicking legitimate services like Cloudflare or Google to manipulate users into running malicious commands. The operation, traced through compromised WordPress websites, represents a sophisticated blend of social…
ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

Aug 26, 2025 2:54 PM

Tags: captcha, crypto, cybercrime, exploit, ransomware, social-engineering, wordpress

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners.The large-scale cybercrime campaign, first detected in August 2025, has been codenamed ShadowCaptcha by the Israel National First seen…