Collaborate Disseminate
Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to a survey-for-gifts scam website. At this time of writing, we have seen ov… Continue reading Malicious JavaScript Used in WP Site/Home URL Redirects
An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This plugin allows site owners to manage multiple websites from one central server using the InfiniteWP Server… Continue reading Authentication Bypass Vulnerability in InfiniteWP Client
Malware obfuscation comes in all shapes and sizes — and it’s sometimes hard to recognize the difference between malicious and legitimate code when you see it.
Recently, we came across an interesting case where attackers went a few extra mi… Continue reading Unmasking Black Hat SEO for Dating Scams
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple files and database tabl… Continue reading Vulnerable Versions of Adminer as a Universal Infection Vector
Last week, an ongoing WordPress malware campaign started a new wave which included a variety of experimental injection types.
Scripts as Data URLs
The first type looks pretty similar to what we discussed in our recent post.
However, instead of placing… Continue reading Data URLs and HTML Entities in New WordPress Malware
We often find various fake WordPress plugins installed by hackers during website cleanups. Recently, we’ve noticed a new wave of infections that install fake plugins with backdoor functionality.
Malicious Plugins Sourced from UpdraftPlus
Attacke… Continue reading Fake UpdraftPlus Plugins
We’ve been following an ongoing malware campaign for the past couple of years now. This campaign is renowned for its prompt addition of exploits for newly discovered WordPress theme and plugin vulnerabilities.
Every other week, the attackers int… Continue reading A New Wave of Buggy WordPress Infections
We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of July 2019.
One of these newly targeted plugins was Advanced Booking Calendar — and it didn’t take long before we were recei… Continue reading Fake Human Verification Spam
In the past four months, Sucuri has seen an increase in the number of plugins affected by the misuse of WordPress’ update_option() function. This function is used to update a named option/value in the options database table. If developers … Continue reading Misuse of WordPress update_option() function Leads to Website Infections
In an interview with Smashing Magazine our CoFounder (now Head of Security Products at GoDaddy) Tony Perez was asked the following question.
What Makes WordPress Vulnerable?
“Here’s the simple answer. Old versions of WordPress, along with … Continue reading How to Audit & Cleanup WordPress Plugins & Themes