Collaborate Disseminate
To protect their WordPress sites from scammers, administrators must proactively patch and monitor their installations to weed out unwanted content.
The post Relying on Data to Mitigate the Risk of WordPress Website Hijacking appeared first on Security Intelligence.
Continue reading Relying on Data to Mitigate the Risk of WordPress Website Hijacking
WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances.
The vulnerability (CVE-2017-8295) becomes even more dangerous after knowing that it affects all versions of WordPress — including the latest 4.7.4 version.
The WordPress flaw was discovered by Polish security
Continue reading Unpatched WordPress Flaw Could Allow Hackers To Reset Admin Password
The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks. Continue reading WordPress REST API Bug Could Be Used in Stored XSS Attacks
The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk. Continue reading Million-Plus WordPress Sites Exposed by Vulnerable Plugin
Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit. Continue reading Criminals Monetizing Attacks Against Unpatched WordPress Sites
WordPress patched a zero day vulnerability in the WP Mobile Detector plugin that had been publicly attacked for close to a week. Continue reading WordPress Patches Zero Day in WP Mobile Detector Plugin