Posts By Aakanchha Keshri

What Are Magecart Attacks On Magento Store And How To Prevent Them

Magecart attacks came out of the dark when they targeted the credit card information of big names such as British Airways, Ticketmaster, and Newegg, and made headlines. But this does not mean Magecart attacks came into existence recently. In fact, they can be traced back to 2014, when several groups first started monetizing stolen credit card details. The masterminds behind Magecart have been active and growing ever since.

PHP Open-Source Forum Software MyBB Vulnerable to Stored XSS - Exploited

MyBB, earlier known as MyBulletinBoard, is a free and open-source forum software based on PHP and MySQL. Recently it has been found vulnerable to a critical stored XSS (Cross-Site Scripting) and RCE (Remote Code Execution) in version 1.8.20 and before. Because of this, any malefactor holding only a user account on the forum can hijack any board by sending a malicious private message to the administrator or by creating a malicious post.

Arbitrary File Upload in WP Plugin User Submitted Posts (ver

A fresh vulnerability disclosure in the series of WordPress plugins has come to notice. The WordPress plugin User Submitted Posts lets users upload posts and images through its front-end feature. The plugin currently has more than 30,000 installations. It was quite popular at the time a serious arbitrary file upload vulnerability was found in it. Learn more about the details of the User Submitted Posts exploit in this article.

How To Remove "Deceptive Site Ahead" Warning

I am sure you got a mini heart attack when your website was flagged with a scary-looking red screen carrying the message "Deceptive Site Ahead". And you may have been striving to retrieve your website from that danger ever since. Yes, you are in the right place. In this article, we will try to answer most questions around that dreaded sentence, "Deceptive Site Ahead". Further, we will help you remove that face-shaming message from your website.

WordPress Plugin Slimstat Version

Slimstat, the website analytics plugin for WordPress, has been found vulnerable to a stored XSS (cross-site scripting) vulnerability in versions <=4.8. At the time of writing this blog, it is installed on 1,00,000+ websites. Slimstat is a well-known plugin for tracking website analytics in real time; it monitors and reports stats on access logs, returning customers and registered users, JavaScript events, etc.
