wordpress – Page 27 – WindowsTechs.com

Critical WordPress Plugin Bug Afflicts 700K Sites

Posted on February 13, 2020 by Lindsey O'Donnell

Researchers are urging users of the GDPR Cookie Consent WordPress plugin to update as soon as possible. Continue reading Critical WordPress Plugin Bug Afflicts 700K Sites→

200K WordPress Sites Vulnerable to Plugin Flaw

Posted on January 30, 2020 by Lindsey O'Donnell

Developers behind WordPress plugin Code Snippets have issued a patch for the high-severity flaw. Continue reading 200K WordPress Sites Vulnerable to Plugin Flaw→

New Muhstik Botnet Attacks Target Tomato Routers

Posted on January 22, 2020 by Elizabeth Montalbano

Palo Alto Networks’ Unit 42 researchers observed a variant of the wormlike botnet that adds scanner technology to brute-force Web authentication. Continue reading New Muhstik Botnet Attacks Target Tomato Routers→

Update now! Popular WordPress plugins have password bypass flaws

Posted on January 16, 2020 by John E Dunn

Researchers have discovered bad authentication bypass vulnerabilities affecting two WordPress plugins which should be patched as soon as possible. Continue reading Update now! Popular WordPress plugins have password bypass flaws→

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Posted on January 15, 2020 by Tom Spring

Authentication bypass bugs in WordPress plugins InfiniteWP Client and WP Time Capsule leave hundreds of thousands of sites open to attack. Continue reading Critical WordPress Bug Leaves 320,000 Sites Open to Attack→

WordPress wp-config file seems hacked and changed to DB_NAME and DB_USER asadmin_drr and DB_HOST as 46.21.253.40 [duplicate]

Posted on December 18, 2019 by Harsh Choubey

I have a shared hosting on hostgator with around wordpress based websites. Out of them 4 stopped working with message as error establishing database connection. On checking the wp-config i found the Db connection details were changed for … Continue reading WordPress wp-config file seems hacked and changed to DB_NAME and DB_USER asadmin_drr and DB_HOST as 46.21.253.40 [duplicate]→

Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers

Posted on December 13, 2019 by Tom Spring

One flaw found in WordPress plugins Ultimate Addons for Beaver Builder and Ultimate Addons for Elementor is actively being exploited. Continue reading Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers→

Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites

Posted on December 13, 2019 by Swati Khandelwal

Attention WordPress users!

Your website could easily get hacked if you are using “Ultimate Addons for Beaver Builder,” or “Ultimate Addons for Elementor” and haven’t recently updated them to the latest available versions.

Security researchers have di… Continue reading Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites→

How to identify malicious WordPress user agents

Posted on December 6, 2019 by BadHorsie

I have noticed our website, which is Wordpress based, gets frequent daily requests from other sites where the user agent is Wordpress and the other site is obviously an already hacked Wordpress installation.

In these entries… Continue reading How to identify malicious WordPress user agents→

URL parameter manipulation and injection

Posted on December 4, 2019 by churros

I have a scenario with 2 sites. Site 1 is mysite.com and Site 2 is secondurl.com.

Site 1 is using Wordpress. There, I did a Javascrit/jQuery routine that checks if a given url parameter comes in. If the parameter “p” exists… Continue reading URL parameter manipulation and injection→