WordPress

NewsSecurity Vulnerabilities

Vulnerabilities In The WordPress Total Donations Plugin

Duncan 2240 Views 0 Comments 0 min read

The Wordfence Threat Intelligence team recently identified multiple critical vulnerabilities in the commercial Total Donations plugin for WordPress. These vulnerabilities,

Read More
NewsSecurity Vulnerabilities

Privilege Escalation Flaw In WP GDPR Compliance Plugin

Duncan 2489 Views 0 Comments 1 min read

WordPress GDPR Compliance 1.4.3 is now available. This is a security release for all previous versions and we strongly encourage

Read More
NewsSecurity Vulnerabilities

WordPress Site Editor Plugin Path Traversal Vulnerability [CVE-2018-7422]

Duncan 2428 Views 0 Comments 1 min read

CVE number – CVE-2018-7422 A vulnerability in the Site Editor plugin for WordPress could allow an unauthenticated, remote attacker to

Read More
NewsSecurity Vulnerabilities

WordPress Arbitrary File Deletion Vulnerability Exploit

Duncan 2825 Views 0 Comments 2 min read

Exploiting this vulnerability grants an attacker the capability to delete any file of the WordPress installation (and any other file

Read More
NewsSecurity Vulnerabilities

BabaYaga The New Russian WordPress Malware Used For SEO Spam

Duncan 2250 Views 0 Comments 1 min read

Security researchers have discovered a new malware strain targeting WordPress sites that includes some pretty clever techniques, such as removing

Read More
NewsSecurity Vulnerabilities

Email Subscribers & Newsletters Plugin For WordPress Vulnerability [CVE-2018-0602]

Duncan 2139 Views 0 Comments 0 min read

CVE Number – CVE-2018-0602 Email Subscribers & Newsletters Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation

Read More
NewsSecurity Vulnerabilities

BestWebSoft WordPress CAPTCHA Plugin Backdoor

Duncan 2177 Views 0 Comments 0 min read

A backdoor has been discovered in the popular WordPress plugin “Captcha free plugin”, by BestWebSoft. It has recently been sold

Read More
NewsSecurity News

Three WordPress Plugins Backdoored In Supply Chain Attack

Duncan 2524 Views 0 Comments 1 min read

In the last two weeks, the WordPress.org repository has closed three plugins because they contained content-injection backdoors. “Closing” a plugin

Read More
Security Vulnerabilities

WordPress SQL Injection Vulnerability

Duncan 2085 Views 0 Comments 0 min read

WordPress has recently released patch 4.8.3 to fix an SQL injection security vulnerability. This vulnerability concerned an exploit in which

Read More
Security Vulnerabilities

WordPress (Pre 4.8.3) SQL Injection Vulnerability

Duncan 1980 Views 0 Comments 0 min read

CVE-2017-16510 Detail WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to

Read More