WordPress plugin flaw lets you take over entire sites

Discussion in 'other security issues & news' started by mood, Feb 11, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    WordPress plugin flaw lets you take over entire sites
    February 11, 2019
    https://www.zdnet.com/article/wordpress-plugin-flaw-lets-you-take-over-entire-sites/
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,753
    WordPress is quite the cluster****.
     
  3. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    WordPress shopping sites under attack
    Hackers using cross-site scripting (XSS) flaw in abandoned cart plugin to take over vulnerable sites
    March 12, 2019

    https://www.zdnet.com/article/wordpress-shopping-sites-under-attack/
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    Hackers Abusing Recently Patched Vulnerability In Easy WP SMTP Plugin
    March 20, 2019
    https://www.wordfence.com/blog/2019...patched-vulnerability-in-easy-wp-smtp-plugin/
     
  5. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    Hidden code gives plugin developers admin access to WordPress sites
    April 1, 2019
    https://portswigger.net/daily-swig/...in-developers-admin-access-to-wordpress-sites
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    The curious case of a WordPress plugin, a rival site spammed with traffic, a war of words, and legal threats
    Devs strip code from toolkit amid blogger dramarama
    April 2, 2019

    https://www.theregister.co.uk/2019/04/02/pippip_attack_claims/
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    Arbitrary File Upload Vulnerability in popular WooCommerce extension
    April 25, 2019
    https://www.webarxsecurity.com/woocommerce-checkout-manager/
     
  8. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    WP Live Chat WordPress Plugin Re-Patches File Upload Flaw
    May 6, 2019
    https://threatpost.com/wp-live-chat-wordpress-plugin-re-patches-file-upload-flaw/144420/
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    14,653
    WordPress Plugin WP Statistics Patches XSS Flaw
    A cross-site scripting vulnerability in WordPress plugin WP Statistics could have enabled full website takeover
    July 5, 2019

    https://threatpost.com/wordpress-plugin-wp-statistics-patches-xss-flaw/146248/
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.