Hacking WordPress websites & stealing WordPress passwords

A detailed explanation of how attackers use Man-in-the-Middle (MitM) to hack WordPress websites and login credentials. This article is for educational purposes only. Like any other web application with a login form, WordPress submits your username and … Continue reading Hacking WordPress websites & stealing WordPress passwords

Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers

A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs.

The… Continue reading Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers

Top reasons why WordPress websites get hacked (and how you can stop it)

Hacking is the process of finding flaws in a system, and exploiting them to bypass security controls. ‘Ethical’ hackers use this process to learn about a system and find its weaknesses. However, malicious or ‘black hat’ hacking … Continue reading Top reasons why WordPress websites get hacked (and how you can stop it)

New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions.

The vu… Continue reading New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions

Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

A security researcher has disclosed details of a critical vulnerability in one of the popular and widely active plugins for WordPress that could allow a low-privileged attacker to inject malicious code on AMP pages of the targeted website.

The vulnera… Continue reading Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store.

Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file dele… Continue reading Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerability that let remote unauthorized hackers modify the content of any post or page within a WordPress site.

The nasty… Continue reading Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

13 WordPress Security Tips From Acunetix

WordPress has a pretty poor reputation when it comes to security, so here are some WordPress security tips from Acunetix. The WordPress security perception is mostly unfounded sadly, as core WordPress is pretty secure – as long as it’s updated. The same goes for plug-ins and themes, if poorly maintained they are an easy ingress […]

The post…

Read the full post at darknet.org.uk

Continue reading 13 WordPress Security Tips From Acunetix