WordPress
WordPress plugin used by millions sports critical site-hijacking flaw
Another popular Yoast WordPress plugin has been found sporting a critical vulnerability that can be exploited by attackers to take over control of the site. A week ago it was …
Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking
Another highly popular WordPress plugin has been found sporting a cross-site request forgery flaw that can be exploited to mount a blind SQL injection attack, and could also …
Huge IT Slider WordPress plugin opens SQL injection hole
The 50,000+ active users of the Huge IT Slider WordPress plugin are advised to update to the latest version, as it closes a vulnerability that can be exploited by website …
Over a million WP sites at risk of hijacking due to plugin bug
Users who run their websites on the popular WordPress CMS and are also using the WP-Slimstat web analytics plugin should update as soon as possible, warns Sucuri vulnerability …
Four cyber security risks not to be taken for granted
It’s pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information …
100k+ WP websites compromised by SoakSoak malware
Sucuri Security researchers are warning about a massive compromise of WordPress sites sporting malicious JavaScript leading visitors to malware. The discovery was made on …
Tens of thousands web servers backdoored via pirated CMS themes and plug-ins
Over 23,000 websites set up with the help of Joomla, WordPress and Drupal content management systems have been compromised and used for illegal search engine optimization by …
Millions of WordPress websites in danger due to easily exploitable bug
A new WordPress version has been released, and you better update to it, as it patches a critical cross-site scripting flaw that can be exploited by attackers to compromise …
WordPress most targeted CMS by hackers?
Imperva released the results of its Web Application Attack Report (WAAR), the result of analysis of a subset of 99 applications protected by Imperva’s WAF over a period …
WordPress vulnerability database
Back in 2012, the fine folks behind the BruCON conference announced that from the 2013 edition of their popular event, a special budget will be allocated for supporting …
Disqus WordPress plugin vulnerabilities
During a penetration testing for a client, Australian based independent security consultant Nik Cubrilovic, discovered a couple of security issues within the very popular …
Critical bug in WordPress plugin allows site hijacking
A popular WordPress plugin that allows site owners to easily customize the contact form has a critical vulnerability that can be exploited to download and remotely modify the …