Easy WP SMTP Security Bug Can Reveal Admin Credentials
A poorly configured file opens users up to site takeover. Continue reading Easy WP SMTP Security Bug Can Reveal Admin Credentials
Category Archives: site takeover
Widespread Scans Underway for RCE Bugs in WordPress Websites
WordPress websites using buggy Epsilon Framework themes are being hunted by hackers. Continue reading Widespread Scans Underway for RCE Bugs in WordPress Websites
Ultimate Member Plugin for WordPress Allows Site Takeover
Three critical security bugs allow for easy privilege escalation to an administrator role. Continue reading Ultimate Member Plugin for WordPress Allows Site Takeover
Post Grid WordPress Plugin Flaws Allow Site Takeovers
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs. Continue reading Post Grid WordPress Plugin Flaws Allow Site Takeovers
Post Grid WordPress Plugin Flaws Allow Site Takeovers
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs. Continue reading Post Grid WordPress Plugin Flaws Allow Site Takeovers
WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover
Severe CSRF to XSS bugs open the door to code execution and complete website compromise. Continue reading WordPress Page Builder Plugin Bugs Threaten 1 Million Sites with Full Takeover
Magento Patches Critical SQL Injection and RCE Vulnerabilities
Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. Continue reading Magento Patches Critical SQL Injection and RCE Vulnerabilities