-
LiteSpeed Cache WordPress plugin bug lets hackers get admin access
The free version of the popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw on its latest release that could allow unauthenticated site visitors to gain admin rights.
- October 31, 2024
- 12:19 PM
1
-
Over 6,000 WordPress sites hacked to install plugins pushing infostealers
WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware.
- October 21, 2024
- 01:53 PM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
Jetpack fixes critical information disclosure flaw existing since 2016
WordPress plugin Jetpack released a critical security update earlier today, addressing a vulnerability that allowed a logged-in user to access forms submitted by other visitors to the site.
- October 14, 2024
- 03:30 PM
- 0
-
Malware infiltrates Pidgin messenger’s official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks.
- August 27, 2024
- 01:25 PM
- 0
-
Hackers are exploiting critical bug in LiteSpeed Cache plugin
Hackers have already started to exploit the critical severity vulnerability that affects LiteSpeed Cache, a WordPress plugin used for accelerating response times, a day after technical details become public.
- August 22, 2024
- 06:14 PM
- 1
-
Litespeed Cache bug exposes millions of WordPress sites to takeover attacks
A critical vulnerability in the LiteSpeed Cache WordPress plugin can let attackers take over millions of websites after creating rogue admin accounts.
- August 21, 2024
- 01:22 PM
- 1
-
Hackers target WordPress calendar plugin used by 150,000 sites
Hackers are trying to exploit a vulnerability in the Modern Events Calendar WordPress plugin that is present on more than 150,000 websites to upload arbitrary files to a vulnerable site and execute code remotely.
- July 09, 2024
- 01:21 PM
- 2
-
Hackers exploit LiteSpeed Cache flaw to create WordPress admins
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.
- May 07, 2024
- 05:42 PM
- 0
-
WP Automatic WordPress plugin hit by millions of SQL injection attacks
Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access.
- April 25, 2024
- 10:27 AM
- 0
-
Critical Forminator plugin flaw impacts over 300k WordPress sites
The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server.
- April 20, 2024
- 11:19 AM
- 1
-
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites
A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin.
- April 03, 2024
- 02:21 PM
- 3
-
Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware
Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code.
- March 10, 2024
- 11:38 AM
- 4
-
WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks
The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database.
- November 14, 2023
- 06:32 PM
- 1
-
Save $260 on this ChatGPT-powered WordPress plugin deal
AI is only useful when you can tap into it on demand. This ChatGPT WordPress plugin lifetime license adds AI to your site for $39.97, $260 off the $300 MSRP and a price you can only get now through the end of October 15th.
- October 12, 2023
- 07:19 AM
- 0
-
New WordPress backdoor creates rogue admin to hijack websites
A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site's activity.
- October 11, 2023
- 05:23 PM
- 8
-
Jupiter X Core WordPress plugin could let hackers hijack sites
Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files without authentication.
- August 24, 2023
- 01:26 PM
- 1
-
WordPress AIOS plugin used by 1M sites logged plaintext passwords
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to the site's database, putting account security at risk.
- July 14, 2023
- 11:55 AM
- 0
-
Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs
Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures and registering rogue administrator accounts.
- June 30, 2023
- 03:49 PM
- 2
-
Add AI features to your WordPress site with this ChatGPT plug-in deal
ChatGPT can be a powerful tool for building content and winning over customers. This AI-powered plugin makes deployment simple for $59.99, 79% off the $299 MSRP.
- June 14, 2023
- 02:11 PM
- 0
-
WordPress Stripe payment plugin bug leaks customer order details
The WooCommerce Stripe Gateway plugin for WordPress was found to be vulnerable to a bug that allows any unauthenticated user to view order details placed through the plugin.
- June 13, 2023
- 12:02 PM
- 0
