PHP Object Injection – WindowsTechs.com

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

Posted on November 6, 2020 by Tara Seals

The shopping cart application contains a PHP object-injection bug. Continue reading WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug→

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Posted on October 5, 2020 by Tara Seals

Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs. Continue reading Post Grid WordPress Plugin Flaws Allow Site Takeovers→

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Posted on October 5, 2020 by Tara Seals

Newsletter WordPress Plugin Opens Door to Site Takeover

Posted on August 4, 2020 by Tara Seals

An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites. Continue reading Newsletter WordPress Plugin Opens Door to Site Takeover→

WordPress 5.0 Gets Security Patch a Week After Release

Posted on December 14, 2018 by Lucian Constantin

Only a week has passed since the release of WordPress 5.0—a new major version codenamed “Bebo”—and the WordPress team has already pushed out a security update for it. WordPress 5.0.1, released Dec. 13, fixes seven vulnerabilities, some of … Continue reading WordPress 5.0 Gets Security Patch a Week After Release→

Magecart Cybergang Targets 0days in Third-Party Magento Extensions

Posted on October 24, 2018 by Tom Spring

Over two dozen third-party ecommerce plugins contain zero-day vulnerabilities being exploited in a recent Magecart campaign. Continue reading Magecart Cybergang Targets 0days in Third-Party Magento Extensions→