plugin – Page 2 – WindowsTechs.com

Ultimate Member Plugin for WordPress Allows Site Takeover

Posted on November 9, 2020 by Tara Seals

Three critical security bugs allow for easy privilege escalation to an administrator role. Continue reading Ultimate Member Plugin for WordPress Allows Site Takeover→

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

Posted on November 6, 2020 by Tara Seals

The shopping cart application contains a PHP object-injection bug. Continue reading WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug→

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Posted on October 22, 2020 by Graham Cluley

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers.

The flaw opened up opportunities for cybercriminals to completely compr… Continue reading Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered→

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Posted on October 22, 2020 by Graham Cluley

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened… Continue reading Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered→

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Posted on October 5, 2020 by Tara Seals

Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs. Continue reading Post Grid WordPress Plugin Flaws Allow Site Takeovers→

Post Grid WordPress Plugin Flaws Allow Site Takeovers

Posted on October 5, 2020 by Tara Seals

WordPress websites attacked via File Manager plugin vulnerability

Posted on September 2, 2020 by Graham Cluley

Hackers are exploiting a critical vulnerability that may be affecting hundreds of thousands of websites running WordPress.

The vulnerability lies in versions of the popular third-party plugin WordPress File Manager, which has been installed on over … Continue reading WordPress websites attacked via File Manager plugin vulnerability→

Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws

Posted on September 1, 2020 by Lindsey O'Donnell

Two flaws – one of them yet to be fixed – are afflicting a third-party plugin used by Magento e-commerce websites. Continue reading Magento Sites Vulnerable to RCE Stemming From Magmi Plugin Flaws→

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover

Posted on August 14, 2020 by Lindsey O'Donnell

The recently patched flaws could be abused by an unauthenticated, remote attackers to take over vulnerable websites. Continue reading Critical Flaws in WordPress Quiz Plugin Allow Site Takeover→

Newsletter WordPress Plugin Opens Door to Site Takeover

Posted on August 4, 2020 by Tara Seals

An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites. Continue reading Newsletter WordPress Plugin Opens Door to Site Takeover→