Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files without...
Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. Researchers at Patchstack discovered and disclosed the...
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation. WooCommerce Payments...
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to...
The WordPress Stripe Payment Gateway plugin has been vulnerable to Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability. WooCommerce developed this plugin. The plugin version is 7.4.1...
Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin roughly 24 hours after a proof-of-concept (PoC) exploit was made public....
Threat actors have discovered a new technique to insert malicious code into websites. They are currently utilizing Eval PHP, an abandoned WordPress plugin. Mostly, website backdoors...
A cyber attack campaign targeting WordPress websites has recently caused significant concern, with experts estimating that up to one million websites may have been compromised. The campaign has...
Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin used by over eleven million websites. Elementor Pro is a WordPress page...
A new credit card stealing hacking campaign is doing things differently than we have seen in the past by hiding their malicious code inside the ‘Authorize.net’...
Recent Comments