WordPress, Hashthemes Demo Importer has a critical vulnerability
Wordfence cybersecurity experts: The plugin flaw enables any authorized user to entirely wipe a site clean, erasing all of the material and data posted to it.
Cybersecurity, the WordPress Starter Template plugin has a flaw
Wordfence: The vulnerability allows Contributor level users to completely overwrite any page on the site with malicious JavaScript.
WordPress, critical vulnerability in Fancy Product Designer under active attack
Wordfence cybersecurity experts: The developer just released a patched version of the plugin, install it now!
WordPress, critical vulnerability discovered on “Spam protection, AntiSpam, FireWall”
The flaw in the plugin can be used to extract sensitive info from a site's database, including user emails and password hashes. There is also a PoC.
WordPress, NextGen Gallery fixed its last vulnerabilities
Wordfence cybersecurity experts: The plugin with over 800,000 installations had two Cross-Site Request Forgery (CSRF) flaws
Cybercrime, WordPress hit by waves of attacks targeting Epsilon Framework themes
Wordfence cybersecurity experts: They exploit Function Injection and other older vulnerabilities, The aggressions seem to search flaws.
WordPress, mass cybercrime scan to find XSS flaws
Wordfence cyber security experts: It seems to be the work of a single malicious actor, who uses JavaScript code to inoculate a backdoor, exploiting vulnerabilities in plugins.
WordPress, 13 plugins are vulnerable to XSS attacks
Cyber Security Experts: PoCs are also in circulation, allowing to easily exploit the flaws. Update your sites now!
WordPress, another flaw in plugin: this time it’s up to Bridge
Wordfence cyber security experts find the Open Redirect vulnerability assessing the ones related to Qode Instagram Widget and Twitter Feed. It allows to launch phishing and steal sensitive info.
WordPress, the ongoing malvertising campaign is evolving
WordFence cyber security experts: Cybercrime add backdoors and target new plugins to inject malicious JavaScript into sites. It redirects to harmful content, as malware droppers and fraud sites.