wordpress – Page 18 – WindowsTechs.com

Can I check the content of a suspicious file directly on the server using an editor, e.g. vim?

Posted on November 20, 2020 by nsog8sm43x

in the Wordpress directory I found some suspicious-looking files with random strings in their name e.g. uxs5sxp59f_index.php. Can I safely check their content ? I have a suspicion that the site has been infected because some of its links o… Continue reading Can I check the content of a suspicious file directly on the server using an editor, e.g. vim?→

Widespread Scans Underway for RCE Bugs in WordPress Websites

Posted on November 18, 2020 by Tara Seals

WordPress websites using buggy Epsilon Framework themes are being hunted by hackers. Continue reading Widespread Scans Underway for RCE Bugs in WordPress Websites→

Getting a wordpress owner’s username to try gain access [closed]

Posted on November 17, 2020 by Percival Junghans

I am using logwatch and WordPress. I noticed this entry:
Wordpress ([myblog.com]): Authentication attempt for unknown user [myactualusername] from [notmyip]: 1 Time(s)

The weird thing is, they knew my username. I have never published my u… Continue reading Getting a wordpress owner’s username to try gain access [closed]→

Ultimate Member Plugin for WordPress Allows Site Takeover

Posted on November 9, 2020 by Tara Seals

Three critical security bugs allow for easy privilege escalation to an administrator role. Continue reading Ultimate Member Plugin for WordPress Allows Site Takeover→

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

Posted on November 6, 2020 by Tara Seals

The shopping cart application contains a PHP object-injection bug. Continue reading WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug→

WordPress Pushes Out Multiple Flawed Security Updates

Posted on November 2, 2020 by Tom Spring

WordPress bungles critical security 5.5.2 fix and saves face next day with 5.5.3 update. Continue reading WordPress Pushes Out Multiple Flawed Security Updates→

WordPress Patches 3-Year-Old High-Severity RCE Bug

Posted on October 30, 2020 by Tom Spring

In all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software. Continue reading WordPress Patches 3-Year-Old High-Severity RCE Bug→

WordPress Patches 3-Year-Old High-Severity RCE Bug

Posted on October 30, 2020 by Tom Spring

In all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software. Continue reading WordPress Patches 3-Year-Old High-Severity RCE Bug→

This Week in Security: Discord, Chromium, and WordPress Forced Updates

Posted on October 30, 2020 by Jonathan Bennett

[Masato Kinugawa] found a series of bugs that, when strung together, allowed remote code execution in the Discord desktop app. Discord’s desktop application is an Electron powered app, meaning it’s a web page rendered on a bundled light-weight browser. Building your desktop apps on JavaScript certainly makes life easier for …read more

Continue reading This Week in Security: Discord, Chromium, and WordPress Forced Updates→

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Posted on October 22, 2020 by Graham Cluley

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers.

The flaw opened up opportunities for cybercriminals to completely compr… Continue reading Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered→