WordPress

Security VulnerabilitiesNews

WordPress Removes Vulnerable Plugin – Yuzo Related Posts

Jason Davies 3393 Views 0 Comments 1 min read

Wordfence posted an article stating that on March 30th 2019, WordPress removed the Yuzo Related Posts plugin from its plugin

Read More
Security VulnerabilitiesNews

WordPress Comment Content Filtering Remote Code Execution Vulnerability [CVE-2019-9787]

Duncan 2906 Views 0 Comments 1 min read

CVE Number – CVE-2019-9787 A vulnerability in WordPress could allow an unauthenticated, remote attacker to execute arbitrary code on a

Read More
Security VulnerabilitiesNews

Vulnerabilities In The WordPress Total Donations Plugin

Duncan 2652 Views 0 Comments 0 min read

The Wordfence Threat Intelligence team recently identified multiple critical vulnerabilities in the commercial Total Donations plugin for WordPress. These vulnerabilities,

Read More
Security VulnerabilitiesNews

Privilege Escalation Flaw In WP GDPR Compliance Plugin

Duncan 2783 Views 0 Comments 1 min read

WordPress GDPR Compliance 1.4.3 is now available. This is a security release for all previous versions and we strongly encourage

Read More
Security VulnerabilitiesNews

WordPress Site Editor Plugin Path Traversal Vulnerability [CVE-2018-7422]

Duncan 2849 Views 0 Comments 1 min read

CVE number – CVE-2018-7422 A vulnerability in the Site Editor plugin for WordPress could allow an unauthenticated, remote attacker to

Read More
Security VulnerabilitiesNews

WordPress Arbitrary File Deletion Vulnerability Exploit

Duncan 3275 Views 0 Comments 2 min read

Exploiting this vulnerability grants an attacker the capability to delete any file of the WordPress installation (and any other file

Read More
Security VulnerabilitiesNews

BabaYaga The New Russian WordPress Malware Used For SEO Spam

Duncan 2594 Views 0 Comments 1 min read

Security researchers have discovered a new malware strain targeting WordPress sites that includes some pretty clever techniques, such as removing

Read More
Security VulnerabilitiesNews

Email Subscribers & Newsletters Plugin For WordPress Vulnerability [CVE-2018-0602]

Duncan 4743 Views 0 Comments 0 min read

CVE Number – CVE-2018-0602 Email Subscribers & Newsletters Plugin for WordPress is vulnerable to cross-site scripting, caused by improper validation

Read More
Security VulnerabilitiesNews

BestWebSoft WordPress CAPTCHA Plugin Backdoor

Duncan 2464 Views 0 Comments 0 min read

A backdoor has been discovered in the popular WordPress plugin “Captcha free plugin”, by BestWebSoft. It has recently been sold

Read More
Security NewsNews

Three WordPress Plugins Backdoored In Supply Chain Attack

Duncan 3044 Views 0 Comments 1 min read

In the last two weeks, the WordPress.org repository has closed three plugins because they contained content-injection backdoors. “Closing” a plugin

Read More