Search Results For vulnerable plugin

WordPress Plugin Advanced Contact Form 7 DB vulnerable to SQLi

A very severe SQLi vulnerability has been uncovered in the popular WordPress plugin Advanced Contact Form 7 DB, which has more than 40,000 active installations. The vulnerability was first reported on March 26th, and the patched version 1.6.1 was released two days ago, on 10th of April. However, current users still have reason to worry, as this vulnerability could be exploited by hackers who have nothing more than a subscriber's account.

With each passing day, cases of WordPress infections that redirect visitors to suspicious pages are becoming more common. Recently, a vulnerability was discovered in tagDiv Themes and Ultimate Member Plugins. In this WordPress redirect hack, visitors to your website are redirected to phishing or malicious pages with arbitrary URLs such as hxxp://utroro.com/xyz or hxxp://murieh.abc/xyz…

Powering nearly 75 million websites globally and deemed the most favorable CMS platform of all, WordPress is widely used by online retailers and entrepreneurs for conducting business online. Its popularity keeps growing because the CMS offers ready-to-use, SEO-friendly and mobile-compatible templates. A plethora of WordPress plugins are available today, which carry out…

Yellow Pencil Visual Theme Customizer Plugin Exploited - Redirect & Adds Unauthenticated Users

The buzz around exploitation of WordPress plugins had not yet died down when a new report surfaced of exploitation in the WordPress theme Yellow Pencil Visual theme customizer. This theme was quite popular, with more than 30000 active installations at the time it was taken down from WordPress's official site. After the vulnerabilities in two of its software were made public by a security researcher, exploitation attempts soared. Due to the attacks that followed, many sites are now redirecting to other malicious sites.

WooCommerce Abandoned Cart Plugin exploited

Abandoned Cart Plugin in WooCommerce Abused - Update Immediately. WordPress-based sites are under attack from hackers exploiting an XSS vulnerability in the woocommerce-abandoned-cart plugin to plant backdoors and take over vulnerable sites. The woocommerce-abandoned-cart plugin allows the owners of WooCommerce sites to track abandoned shopping carts in order to recover those sales. A lack of sanitization on guest user input and…

Top Exploited WordPress Plugins in 2018

Introduction: This year a lot of plugins were launched with innovative features such as SEO optimization, a new editing interface and several others that enhance the functionality of WordPress and help us be more productive when working on WordPress. However, many of these plugins have been exploited by hackers this year for malicious purposes like…

AMP plugin in WordPress hacked

WordPress AMP Plugin Exploited. This article will discuss the Code Injection Vulnerability in older versions (Version 0.9.97.20 and below) of the WordPress AMP Plugin. We describe what AMPs are and how the WordPress AMP plugin contains an exploitable vulnerability. Accelerated Mobile Pages (AMPs) - A Brief Introduction. AMPs are a website technology project of Google which originally aimed to increase dramatically the…

GDPR plugin compromised new admin user added

WordPress GDPR Compliance Plugin Exploit. The WordPress GDPR Compliance Plugin has made it easier for users to make their websites compliant with the new General Data Protection Regulation (GDPR) laws in the EU. The older versions (1.4.2 and below) of the plugin contain some vulnerabilities due to which websites using it have been affected by the WordPress GDPR exploit in…

WordPress, the juggernaut CMS powering more than 1 billion websites, the most notable being Techcrunch, The New Yorker, Sony, and MTV among many others, is not devoid of vulnerabilities when it comes to website security. Recently, one of its most popular plugins, WP Statistics, was found to be flawed, leaving nearly 300,000 websites open to exploitation by attackers online. The plugin WP Statistics has…

Most Common WordPress Attacks in 2018

WordPress has held the title of the biggest content management system for well over a decade. It has ushered in a new generation of websites — built by individuals who had nothing more than a raw idea in their head. One of the key features that made WordPress so popular is its unparalleled scalability. With thousands of third-party developers of…
