Tag Archives WordPress

WordPress Vulnerability Assessment & Penetration Testing - WordPress Vulnerability Scanner

These days, cyber attacks have become a regular phenomenon, featuring almost every week in the headlines. At times, it's just some crazy fan printing pages from vulnerable printers around the globe to vote for his icon; other times it could be a group of hackers targeting popular CMSes with malware. Even a script kiddie can exploit common vulnerabilities in your site and damage critical infrastructure using loads of tools available online for free. Users of open-source CMSes like WordPress are especially among the soft targets. With the rise in cyber attacks, a WordPress security audit has become more important than ever.

Yellow Pencil Visual Theme Customizer Plugin Exploited - Redirect & Adds Unauthenticated Users

The buzz around exploitation of WordPress plugins had not yet died down when a new report surfaced of exploitation in the WordPress theme Yellow Pencil Visual Theme Customizer. This theme was quite popular, with more than 30000 active installations at the time it was taken down from WordPress's official site. After the vulnerabilities in two of its software were made public by a security researcher, exploitation attempts soared. Due to the attacks that followed, many sites are now redirecting to other malicious sites.

WordPress Plugin Advanced Contact Form 7 DB vulnerable to SQLi

A very severe SQLi vulnerability has been uncovered in the popular WordPress plugin Advanced Contact Form 7 DB, which has more than 40,000 active installations. The vulnerability was first reported on March 26th, and the new patched version 1.6.1 was made live two days ago, on the 10th of April. However, current users still have reasons to worry, as this vulnerability could be exploited by hackers having even a subscriber's account.

WordPress Hacked? These WordPress Vulnerabilities Could be the Reason

Managing content on the web is now just a matter of seconds, thanks to WordPress's open-source structure. WordPress has been on the web since the time when blogging was only a new trend. WordPress has evolved with time and has created a successful ecosystem of plugin and theme developers and users. However, like any popular software solution, WordPress has its fair share of security vulnerabilities. Recently, the WordPress iOS app was found leaking the sensitive access token of a WordPress blog to third-party websites. Apart from this, WordPress is one of the CMSes most widely targeted by attackers, and thousands of users each year suffer a hacked WordPress site. Weighing in on WordPress's security concerns, its CEO Matt Mullenweg once remarked that,

WooCommerce vs PrestaShop comparison

Planning to take your business online? The basic requirements include an eye-catching website and an effortless content management system (CMS) cut out for an e-commerce website. Well, PrestaShop & WooCommerce are both open-source platforms to build your e-commerce websites on. Hence, the dilemma of choosing between PrestaShop and WooCommerce, two leaders of this space, can be mind-numbing. So, in this…

WordPress MultiLingual Exploit

A cybersecurity vulnerability once again made it to the headlines, raising serious concerns about the safety of data in the digitalized generation that we live in. Today, websites are read in thousands of languages across the world. WordPress, the popular content management system which allows us to create websites, has a plugin for the very same. WPML or a WordPress…

WooCommerce spambot protection

Have a website on WordPress? Then 90% of the comments might be spam. The numbers are shocking and they are not only in your comment sections. They are probably everywhere. Without adequate protection against them, they can cause critical damage to your website. Combating WordPress spambots and keeping them out of your website requires information about what they are and…

Top Exploited WordPress Plugins in 2018

Introduction: This year a lot of plugins were launched with a lot of innovative features like SEO optimization, a new editing interface and several newer ones which enhance the functionality of WordPress and help us to achieve more productivity via our work on WordPress. However, many of these plugins have been exploited by hackers this year for malicious purposes like…