WordPress exploit – WindowsTechs.com

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

Posted on April 3, 2019 by Swati Khandelwal

If you have a “private” blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication token for your admin account might have accidentally been leaked to third-party websites.

WordPress has rec… Continue reading WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites→

New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites

Posted on March 14, 2019 by Swati Khandelwal

If for some reason your WordPress-based website has not yet been automatically updated to the latest version 5.1.1, it’s highly recommended to immediately upgrade it before hackers could take advantage of a newly disclosed vulnerability to hack your we… Continue reading New WordPress Flaw Lets Unauthenticated Remote Attackers Hack Sites→

Hackers Exploit Critical Flaw in WordPress GDPR Compliance Plug-in

Posted on November 13, 2018 by Lucian Constantin

Hackers are breaking into WordPress websites by exploiting a recently patched privilege escalation vulnerability in a popular plug-in that allows site owners to conform to the GDPR user data collection requirements. The vulnerability was discovered la… Continue reading Hackers Exploit Critical Flaw in WordPress GDPR Compliance Plug-in→

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

Posted on November 7, 2018 by Swati Khandelwal

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store.

Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file dele… Continue reading Popular WooCommerce WordPress Plugin Patches Critical Vulnerability→

Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site

Posted on June 27, 2018 by Mohit Kumar

UPDATE—WordPress has released version 4.9.7 to finally patch this vulnerability that could allow remote attackers to gain full control over affected websites. You are recommended to install the latest available version of WordPress as soon as possible…. Continue reading Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site→

Unpatched WordPress Flaw Could Allow Hackers To Reset Admin Password

Posted on May 4, 2017 by Mohit Kumar

WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances.

The vulnerability (CVE-2017-8295) becomes even more dangerous after knowing that it affects all versions of WordPress — including the latest 4.7.4 version.

The WordPress flaw was discovered by Polish security

Continue reading Unpatched WordPress Flaw Could Allow Hackers To Reset Admin Password→

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

Posted on February 2, 2017 by Swati Khandelwal

Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerability that let remote unauthorized hackers modify the content of any post or page within a WordPress site.

The nasty… Continue reading Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!→