Ultimate Member Plugin for WordPress Allows Site Takeover
Three critical security bugs allow for easy privilege escalation to an administrator role. Continue reading Ultimate Member Plugin for WordPress Allows Site Takeover
Collaborate Disseminate
Three critical security bugs allow for easy privilege escalation to an administrator role. Continue reading Ultimate Member Plugin for WordPress Allows Site Takeover
The shopping cart application contains a PHP object-injection bug. Continue reading WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug
Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers.
The flaw opened up opportunities for cybercriminals to completely compr… Continue reading Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered
Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened… Continue reading Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs. Continue reading Post Grid WordPress Plugin Flaws Allow Site Takeovers
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs. Continue reading Post Grid WordPress Plugin Flaws Allow Site Takeovers
Hackers are exploiting a critical vulnerability that may be affecting hundreds of thousands of websites running WordPress.
The vulnerability lies in versions of the popular third-party plugin WordPress File Manager, which has been installed on over … Continue reading WordPress websites attacked via File Manager plugin vulnerability
Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites. Continue reading Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws
The recently patched flaws could be abused by an unauthenticated, remote attackers to take over vulnerable websites. Continue reading Critical Flaws in WordPress Quiz Plugin Allow Site Takeover
An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites. Continue reading Newsletter WordPress Plugin Opens Door to Site Takeover