Zero-Day WordPress Plugin Vulnerability Used to Add Malicious Redirects

Discussion in 'other security issues & news' started by guest, Mar 22, 2019.

  1. guest

    guest Guest

    Zero-Day WordPress Plugin Vulnerability Used to Add Malicious Redirects
    March 22, 2019
    https://www.bleepingcomputer.com/ne...ulnerability-used-to-add-malicious-redirects/
     
  2. guest

    guest Guest

    Popular Yuzo WordPress Plugin Exploited to Redirect Users to Scams
    April 10, 2019
    https://www.bleepingcomputer.com/ne...-plugin-exploited-to-redirect-users-to-scams/
     
  3. guest

    guest Guest

    Mailgun hacked part of massive attack on WordPress sites
    Spray-and-pray hacking campaign hits Mailgun's WordPress site and redirects users to malicious sites
    April 10, 2019
    https://www.zdnet.com/article/mailgun-hacked-part-of-massive-attack-on-wordpress-sites/
     
  4. guest

    guest Guest

    WordPress Yellow Pencil Plugin Flaws Actively Exploited
    Yet another Wordpress plugin, Yellow Pencil Visual Theme Customizer, is being exploited in the wild after two software vulnerabilities were discovered
    April 12, 2019

    https://threatpost.com/wordpress-yellow-pencil-plugin-exploited/143729/
     
  5. guest

    guest Guest

    A security researcher with a grudge is dropping Web 0days on innocent users
    Exploits published over the past three weeks exposed 160,000 websites to potent attacks
    April 13, 2019

    https://arstechnica.com/information...udge-is-dropping-web-0days-on-innocent-users/
     
  6. guest

    guest Guest

    Exploits in the Wild for WordPress Social Warfare Plugin CVE-2019-9978
    April 22, 2019
    https://unit42.paloaltonetworks.com...ordpress-social-warfare-plugin-cve-2019-9978/
     
  7. guest

    guest Guest

    Flashpoint: Our site was not dishing malware
    April 23, 2019
    https://www.scmagazine.com/home/security-news/flashpoint-our-site-was-not-dishing-malware/
    Flash Point: After-Action Report: Flashpoint Remediation of 0-Day Exploit on Our Public-Facing Website
     
  8. guest

    guest Guest

    Bug in WordPress Live Chat Plugin Lets Hackers Inject Scripts
    May 15, 2019
    https://www.bleepingcomputer.com/ne...live-chat-plugin-lets-hackers-inject-scripts/
     
  9. guest

    guest Guest

    Currently Tracking: WordPress Plugin Vulnerabilities Causing Malicious Redirects
    May 17, 2019
    https://www.sitelock.com/blog/tracking-wordpress-plugin-vulnerabilities/
     
  10. guest

    guest Guest

    Hackers actively exploit WordPress plugin flaw to send visitors to bad sites
    May 30, 2019
    https://arstechnica.com/information...ss-plugin-flaw-to-send-visitors-to-bad-sites/
     
  11. guest

    guest Guest

    Irked Researcher Discloses Facebook WordPress Plugin Flaws
    Researchers at Plugin Vulnerabilities cite grudge and irresponsibly disclose bugs in two WordPress plugins from Facebook
    June 17, 2019

    https://threatpost.com/irked-researcher-discloses-facebook-wordpress-plugin-flaws/145771/
     
  12. guest

    guest Guest

    Recent WordPress Vulnerabilities Targeted by Malvertising Campaign
    July 22, 2019
    https://www.wordfence.com/blog/2019...rabilities-targeted-by-malvertising-campaign/
     
  13. guest

    guest Guest

    Authenticated XSS Found in WordPress Plugin Facebook Widget
    July 29, 2019
    https://www.securityweek.com/authenticated-xss-found-wordpress-plugin-facebook-widget
     
  14. guest

    guest Guest

    WordPress plugins vulnerable to redirects
    August 27, 2019
    https://www.scmagazine.com/home/security-news/cyberattack/wordpress-plugins-vulnerable-to-redirects/
     
  15. guest

    guest Guest

    WordPress sites under attack as hacker group tries to create rogue admin accounts
    Hackers exploit vulnerabilities in more than ten WordPress plugins to plant backdoor accounts on unpatched sites
    August 30, 2019

    https://www.zdnet.com/article/wordp...r-group-tries-to-create-rogue-admin-accounts/
    Wordfence: Ongoing Malvertising Campaign Evolves, Adds Backdoors and Targets New Plugins
     
  16. guest

    guest Guest

    Hackers Exploit Unpatched Bug in Rich Reviews WordPress Plugin
    September 25, 2019
    https://www.bleepingcomputer.com/ne...patched-bug-in-rich-reviews-wordpress-plugin/
     
  17. guest

    guest Guest

    Open Redirect Bug in Bridge Theme Plugin Opens Admins to Spearphishing
    October 22, 2019
    https://threatpost.com/open-redirect-bug-bridge-theme/149437/
    Wordfence: Open Redirect Vulnerability Patched In Bridge Theme
     
  18. guest

    guest Guest

    WordPress plugin bug lets hackers create rogue admin accounts
    April 27, 2020
    https://www.bleepingcomputer.com/ne...bug-lets-hackers-create-rogue-admin-accounts/
    Wordfence: High Severity Vulnerability Patched in Real-Time Find and Replace Plugin
     
  19. guest

    guest Guest

    Hackers target WordPress sites running OneTone theme
    April 28, 2020
    https://www.techradar.com/news/hackers-target-wordpress-sites-running-onetone-theme
    Sucuri: OneTone Vulnerability Leads to JavaScript Cookie Hijacking
     
  20. guest

    guest Guest

    KingComposer fixes a reflected XSS impacting 100,000 WordPress sites
    July 10, 2020
    https://securityaffairs.co/wordpress/105749/hacking/kingcomposer-reflected-xss.html
    Wordfence: XSS Flaw Impacting 100,000 Sites Patched in KingComposer
     
  21. guest

    guest Guest

    WordPress plugin bug impacts 1M sites, allows malicious redirects
    October 28, 2021
    https://www.bleepingcomputer.com/ne...-impacts-1m-sites-allows-malicious-redirects/
    Wordfence: 1,000,000 Sites Affected by OptinMonster Vulnerabilities
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.