X

911 Hack Removal

PrestaShop’s Customer Photo Gallery Module Vulnerable to SQL Injection Attacks, Versions < 2.9.3 Affected

Recently, Astra Security researcher Prince Mendiratta discovered a critical SQLi vulnerability in PrestaShop’s Customer Photo Gallery, version 2.9.3 and below.…

What is WordPress Malvertising Hack & How to Fix It?

Are you seeing irrelevant ads popping up on your site that do not close at all? Does the ad content…

Revisiting the TimThumb Hack

We often consider WordPress vulnerabilities to have no beginning or end - they have always been there in one form…

Step-by-Step WordPress Malware Removal Guide

WordPress being so popular is often targeted by hackers. Most WordPress malware is stealthy by design and infection can go…

WordPress Websites Redirecting to Outlook Phishing pages – travelinskydream[.]ga, track.lowerskyactive

Although it is one of the most common attacks on WordPress, WordPress redirection hacks never cease to surprise. In a…

OpenCart Stores Targeted with GTM Malware, Steals CC Information

In an interesting find, our team has discovered an unusual credit card stealing malware in OpenCart websites that mimics Google…

New Malware Campaign targeting WordPress sites to Create Fake Spam Pages and Hijack Site’s SEO

Recently, Astra Security Threat Intelligence Team has spotted an ongoing malware campaign targeting WordPress sites in the wild. This malware…

Reflected XSS Vulnerability In “Ivory Search” WP Plugin Impact Over 60K sites

On March 28, 2021, Astra Security Threat Intelligence Team responsibly disclosed a vulnerability in Ivory Search, a WordPress Search Plugin…

Reflected XSS vulnerability found in ‘Cooked Pro – Recipe Plugin v1.7.5.5’ for WordPress – Update Immediately

Reflected Cross-site Scripting (XSS) vulnerability was discovered in the WordPress plugin "Cooked Pro" version 1.7.5.5 at multiple places which could…

Zero-Day Vulnerability in The Plus Addons for Elementor Plugin Puts Over 20,000 Websites at Risk

An extremely critical zero-day vulnerability has been patched in the premium plugin - The Plus Addons for Elementor (Version 4.1.7)…