Strategy11 formidable plugin for WordPress code execution [CVE-2019-15780]

CVE number – CVE-2019-15780 Strategy11 formidable plugin for WordPress could allow a remote attacker to execute arbitrary code on the

Read more

wp-code-highlightjs WordPress Plugin Vulnerability [CVE-2019-12934]

CVE Number – CVE-2019-12934 An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF,  as

Read more

WordPress Removes Vulnerable Plugin – Yuzo Related Posts

Wordfence posted an article stating that on March 30th 2019, WordPress removed the Yuzo Related Posts plugin from its plugin

Read more

WordPress Comment Content Filtering Remote Code Execution Vulnerability [CVE-2019-9787]

CVE Number – CVE-2019-9787 A vulnerability in WordPress could allow an unauthenticated, remote attacker to execute arbitrary code on a

Read more

Vulnerabilities In The WordPress Total Donations Plugin

The Wordfence Threat Intelligence team recently identified multiple critical vulnerabilities in the commercial Total Donations plugin for WordPress. These vulnerabilities,

Read more

Privilege Escalation Flaw In WP GDPR Compliance Plugin

WordPress GDPR Compliance 1.4.3 is now available. This is a security release for all previous versions and we strongly encourage

Read more

WordPress Site Editor Plugin Path Traversal Vulnerability [CVE-2018-7422]

CVE number – CVE-2018-7422 A vulnerability in the Site Editor plugin for WordPress could allow an unauthenticated, remote attacker to

Read more

WordPress Arbitrary File Deletion Vulnerability Exploit

Exploiting this vulnerability grants an attacker the capability to delete any file of the WordPress installation (and any other file

Read more

BabaYaga The New Russian WordPress Malware Used For SEO Spam

Security researchers have discovered a new malware strain targeting WordPress sites that includes some pretty clever techniques, such as removing

Read more

Email Subscribers & Newsletters Plugin For WordPress Vulnerability [CVE-2018-0602]

CVE Number – CVE-2018-0602 Email Subscribers & Newsletters Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation

Read more
%d bloggers like this: