hacking wordpress website – WindowsTechs.com

Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension

Posted on April 26, 2019 by Swati Khandelwal

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that has been made public and could allow attackers to compromise your online store.

A WordPress security company—calle… Continue reading Critical Unpatched Flaw Disclosed in WordPress WooCommerce Extension→

New PHP Code Execution Attack Puts WordPress Sites at Risk

Posted on August 17, 2018 by Wang Wei

Sam Thomas, a security researcher from Secarma, has discovered a new exploitation technique that could make it easier for hackers to trigger critical deserialization vulnerabilities in PHP programming language using previously low-risk considered funct… Continue reading New PHP Code Execution Attack Puts WordPress Sites at Risk→

Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

Posted on June 27, 2018 by Mohit Kumar

UPDATE—WordPress has released version 4.9.7 to finally patch this vulnerability that could allow remote attackers to gain full control over affected websites. You are recommended to install the latest available version of WordPress as soon as possible…. Continue reading Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site→

Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites

Posted on February 5, 2018 by Mohit Kumar

A simple yet serious application-level denial of service (DoS) vulnerability has been discovered in WordPress CMS platform that could allow anyone to take down most WordPress websites even with a single machine—without hitting with a massive amount of … Continue reading Unpatched DoS Flaw Could Help Anyone Take Down WordPress Websites→

Nearly 2000 WordPress Websites Infected with a Keylogger

Posted on January 29, 2018 by Swati Khandelwal

More than 2,000 WordPress websites have once again been found infected with a piece of crypto-mining malware that not only steals the resources of visitors’ computers to mine digital currencies but also logs visitors’ every keystroke.

Security researc… Continue reading Nearly 2000 WordPress Websites Infected with a Keylogger→

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack

Posted on July 1, 2017 by Wang Wei

A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, which could be exploited by hackers to steal databases and possibly hijack the affected sites remotely.

The flaw has be… Continue reading WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack→

Unpatched WordPress Flaw Could Allow Hackers To Reset Admin Password

Posted on May 4, 2017 by Mohit Kumar

WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances.

The vulnerability (CVE-2017-8295) becomes even more dangerous after knowing that it affects all versions of WordPress — including the latest 4.7.4 version.

The WordPress flaw was discovered by Polish security

Continue reading Unpatched WordPress Flaw Could Allow Hackers To Reset Admin Password→