Tag: wordpress
-
Rogue Account Creation Flaw Leaves 100K WordPress Sites Exposed
A severe vulnerability has been uncovered in the SureTriggers WordPress plugin, which could leave over 100,000 websites at risk. The issue, discovered by security researcher mikemyers, allows attackers to create rogue administrative users on sites where the plugin is not properly configured. Vulnerability Details: This critical flaw, registered as CVE-2025-3102, is rooted in the plugin’s…
-
50,000+ WordPress Sites Vulnerable to Privilege Escalation Attacks
In a recent cybersecurity development, over 50,000 WordPress websites using the Uncanny Automator plugin have been identified as vulnerable to a critical privilege escalation attack. This vulnerability, discovered by security researcher mikemyers through the Wordfence Bug Bounty Program, allows authenticated attackers with subscriber-level access or higher to escalate their privileges to that of an administrator.…
-
Widespread WordPress site compromise likely with WP Ultimate CSV Importer bugs
Tags: wordpress. First seen on scworld.com. Jump to article: www.scworld.com/brief/widespread-wordpress-site-compromise-likely-with-wp-ultimate-csv-importer-bugs
-
20,000 WordPress Sites at Risk of File Upload Deletion Exploits
A critical security alert has been issued to WordPress site administrators following the discovery of two high-severity vulnerabilities in the WP Ultimate CSV Importer…
-
WordPress attackers hide malware in overlooked plugins directory
First seen on scworld.com. Jump to article: www.scworld.com/news/wordpress-attackers-hide-malware-in-overlooked-plugins-directory
-
Hackers exploit little-known WordPress MU-plugins feature to hide malware
A new security issue is putting WordPress-powered websites at risk. Hackers are abusing the “Must-Use” plugins (MU-plugins) feature to hide malicious code and maintain long-term access on hacked websites. First seen on bitdefender.com. Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-exploit-little-known-wordpress-mu-plugins-feature-to-hide-malware
-
Hiding WordPress malware in the mu-plugins directory to avoid detection
Sucuri researchers spotted threat actors deploying WordPress malware in the mu-plugins directory to evade security checks. In February, Sucuri warned of threat actors exploiting WordPress mu-plugins, which auto-load without activation, to maintain persistence and evade detection by hiding backdoors in the plugin directory. Unlike regular plugins, must-use plugins are automatically loaded on every page load,…
-
Threat Actors Embed Malware in WordPress Sites to Enable Remote Code Execution
Security researchers have uncovered a new wave of cyberattacks targeting WordPress websites through the exploitation of the mu-plugins…
-
Hackers abuse WordPress MU-Plugins to hide malicious code
Hackers are utilizing the WordPress mu-plugins (“Must-Use Plugins”) directory to stealthily run malicious code on every page while evading detection. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/hackers-abuse-wordpress-mu-plugins-to-hide-malicious-code/
-
Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory
Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. First seen on securityweek.com. Jump to article: www.securityweek.com/threat-actors-deploy-wordpress-malware-in-mu-plugins-directory/
-
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images
Threat actors are using the “mu-plugins” directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. mu-plugins, short for must-use plugins, refers to plugins in a special directory (“wp-content/mu-plugins”) that are automatically executed by WordPress without the need to enable them explicitly via…
-
The 4 WordPress flaws hackers targeted the most in Q1 2025
A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/the-four-wordpress-flaws-hackers-targeted-the-most-in-q1-2025/
-
WordPress Plugin Vulnerability Opens Door to SQL Injection Exploits
A critical vulnerability in the popular WordPress plugin GamiPress has been uncovered, leaving users exposed to unauthenticated SQL injection attacks. The issue, assigned the identifier CVE-2024-13496, carries a high CVSS 3.1 score of 7.5, indicating significant potential for exploitation. CVE-2024-13496 was discovered during a security assessment of GamiPress version 7.2.1. The vulnerability affects all versions…
-
WordPress Plugin Flaw Exposes 200,000+ Sites at Risk of Code Execution
A critical security vulnerability has been discovered in the popular WordPress plugin, WP Ghost, which boasts over 200,000 active installations. This flaw, tracked as CVE-2025-26909, concerns an unauthenticated Local File Inclusion (LFI) vulnerability that could potentially lead to Remote Code Execution (RCE) attacks on nearly all server environments. The vulnerability has been addressed in the…
-
VexTrio Using 20,000 Hacked WordPress Sites in Traffic Redirect Scheme
A massive cybercrime network known as VexTrio is using thousands of compromised WordPress sites to funnel traffic through a complex redirection scheme. First seen on darkreading.com. Jump to article: www.darkreading.com/cyberattacks-data-breaches/vextrio-20000-hacked-wordpress-sites-traffic-redirect-scheme
-
Thousands of WordPress sites impacted by multi-year DollyWay campaign
Tags: wordpress. First seen on scworld.com. Jump to article: www.scworld.com/brief/thousands-of-wordpress-sites-impacted-by-multi-year-dollyway-campaign
-
DollyWay Campaign Compromises Thousands of WordPress Sites
Tags: wordpress. First seen on scworld.com. Jump to article: www.scworld.com/brief/dollyway-campaign-compromises-thousands-of-wordpress-sites
-
WordPress security plugin WP Ghost vulnerable to remote code execution bug
Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/wordpress-security-plugin-wp-ghost-vulnerable-to-remote-code-execution-bug/
-
Malware campaign ‘DollyWay’ breached 20,000 WordPress sites
A malware operation dubbed ‘DollyWay’ has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites. First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/malware-campaign-dollyway-breached-20-000-wordpress-sites/
-
8,000 New WordPress Vulnerabilities Reported in 2024
Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes. First seen on securityweek.com. Jump to article: www.securityweek.com/8000-new-wordpress-vulnerabilities-reported-in-2024/
-
Best WordPress Plugins for Cybersecurity 2025
WordPress is a great platform for building websites, but it is also a common target for hackers. Keeping your website safe is important to protect your data, visitors, and business. Cybercrime is a growing problem, with 39% of UK businesses experiencing cyber attacks in 2023. Using security plugins can help reduce risks and keep your…
-
WordPress Sites Compromised by JavaScript Backdoors
First seen on scworld.com. Jump to article: www.scworld.com/brief/wordpress-sites-compromised-by-javascript-backdoors
-
Malicious backdoor-deploying JavaScript facilitates widespread WordPress site compromise
First seen on scworld.com. Jump to article: www.scworld.com/brief/malicious-backdoor-deploying-javascript-facilitates-widespread-wordpress-site-compromise
-
Vulnerability in Chaty Pro Plugin Exposes 18,000 WordPress Sites
An arbitrary file upload vulnerability in the Chaty Pro plugin has been identified, affecting 18,000 WordPress sites. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/flaw-chaty-pro-plugin-18k/
-
Over 10,000 WordPress Sites Exposed by Donation Plugin Code Execution Vulnerability
A critical security flaw in the widely used GiveWP Donation Plugin and Fundraising Platform has left over 10,000 WordPress websites vulnerable to remote code execution attacks since March 3, 2025. Tracked as CVE-2025-0912, the vulnerability allows unauthenticated attackers to hijack sites by exploiting a deserialization flaw in versions 3.19.4 and earlier. Vulnerability Overview: The vulnerability stems from…
-
Millions of WordPress Websites Vulnerable to Script Injection Due to Plugin Flaw
A critical security vulnerability in the Essential Addons for Elementor plugin, installed on over 2 million WordPress websites, has exposed sites to script injection attacks via malicious URL parameters. The flaw, tracked as CVE-2025-24752 and scoring 7.1 (High) on the CVSS scale, allowed attackers to execute reflected cross-site scripting (XSS) attacks by exploiting insufficient input sanitization in the plugin’s password reset…
-
Essential Addons for Elementor XSS Vulnerability Discovered
Elementor plugin flaw puts 2m WordPress websites at risk, allowing XSS attacks via malicious scripts. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/elementor-plugin-vulnerability-2m/
-
WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack
A flaw in the Jupiter X Core plugin has been identified, allowing upload of malicious SVG files and remote code execution on vulnerable servers. First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/wordpress-plugin-flaw-exposes/
-
90,000 WordPress Sites Exposed to Local File Inclusion Attacks
A critical vulnerability (CVE-2025-0366) in the Jupiter X Core WordPress plugin, actively installed on over 90,000 websites, was disclosed on January 6, 2025. The flaw enables authenticated attackers with contributor-level privileges to execute remote code via chained Local File Inclusion (LFI) and malicious SVG uploads. Discovered by researcher stealthcopter through the Wordfence Bug Bounty Program, the vulnerability…