Category Archives 911 Hack Removal

Authentication Bypass Vulnerability in WP Time Capsule Ver

WP Time Capsule is quite a popular WordPress plugin when it comes to WordPress back-ups & staging. It has turned the complex processes of backing up & staging a click's affair. However, given the fragile nature of security in WordPress plugins, vulnerability disclosures are not quite unexpected. Certainly, the WP Time Capsule plugin is no exception. In fact, on the 8th of January, a serious Authentication Bypass Vulnerability was discovered in this popular plugin.

PrestaShop Issued a Warning Against "XsamXadoo" Malware

PrestaShop has released an advisory to inform about a potential threat in the shape of a malware named XsamXadoo on its stores. Hackers are, allegedly, using this malware to gain access to your PrestaShop Store. Several PrestaShop store owners have already been comprised by this malware. From what we came to know of, this malware exploits known vulnerabilities in PHP tool - PHPUnit, which is present in several of the PrestaShop modules.

Vulnerability in Ultimate Addons for Elementor & Beaver Builder - Update Required

Critical vulnerability found in Popular WordPress plugins Ultimate Addons for Elementor and Ultimate Addons for Beaver Builder. Developed by Brainstorm Force team, it makes a set of plugins easily accessible for your WordPress website. Ultimate Addons released an advisory on both its websites regarding the patch of vulnerability. However, it does not detail the vulnerability in the advisory. Nevertheless, we dug the vulnerability details from other sources.

.Bt WordPress Malware Redirects Visitors to Malicious Pharma Sites - Detection & Cleanup

Different WordPress malware campaigns are used to carry out different malicious activities. One such malware campaign has started with the .Bt WordPress hack. It is named so because this kind of infection creates files with .bt extension on your WordPress site under the root directory or the "wp-admin" or "wp-admin/css" directory. Here you will find the causes, symptoms, detection, and removal of the hack.

WP maintenance plugin has been found to be vulnerable to CSRF and stored XSS. On November 15th, WordFence reported the vulnerability to WP maintenance plugin's developers. Following which the plugin developers (Florent Malliefaud) urgently patched the vulnerability in just a day. Version 5.0.6 is free of vulnerabilities. We recommend you update your plugin from any previous version to this. About…

WordPress theme-Bridge has been found to have an open redirect vulnerability.  As its name suggests, this vulnerability lets a hacker redirect a site's visitors to unauthentic & malicious domains. Anyone on the version <=18.2 faces risk. With this post, we intend to make you aware of the vulnerability and the quick mitigation measures you can take. Plus, we'll dissect the…

Free Website Security Scanner