Cyber Security
The WordPress Stripe Payment Gateway plugin has been vulnerable to Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability. WooCommerce developed this plugin. The plugin version...
Hi, what are you looking for?
The WordPress Stripe Payment Gateway plugin has been vulnerable to Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability. WooCommerce developed this plugin. The plugin version...
An open source project designed to help security researchers fingerprint WordPress Plugins is seeking feedback and contributors. Currently in beta mode, WPHash is a free-to-use web...
Researchers have gone public with a six-year-old blind server-side request forgery (SSRF) vulnerability in a WordPress Core feature that could enable distributed denial-of-service (DDoS) attacks. In a...
UPDATED WordPress websites running BackupBuddy have been urged to update the plugin amid reports of active exploitation of a high severity arbitrary file download/read vulnerability. BackupBuddy,...
WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan. DDoS...
A researcher at security firm Cyllective has unearthed vulnerabilities in dozens of WordPress plugins, affecting tens of thousands of installations. Dave Miller, who leads...
Attackers are abusing the Certificate Transparency (CT) system to compromise new WordPress sites in the typically brief window of time before the content management system (CMS)...
A year-on-year surge has been observed in the number of security vulnerabilities found in the WordPress ecosystem. The number of flaws reported in plugins and themes...
A subdomain takeover vulnerability in a popular WordPress hosting platform could allow an attacker to deploy malicious code to a victim by impersonating a...
Hide My WP, a popular WordPress security plugin, contained a serious SQL injection (SQLi) vulnerability and a security flaw that enabled unauthenticated attackers to deactivate the software. Now...
Recent Comments