Malware & Threats Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin A backdoor deployed on a compromised WordPress website poses as a legitimate plugin to hide its presence. Ionut ArghireOctober 12, 2023
Malware & Threats Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites Recently patched TagDiv Composer plugin vulnerability exploited to hack thousands of WordPress sites as part of the Balada Injector campaign. Eduard KovacsOctober 9, 2023
Vulnerabilities Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks A vulnerability in the All-in-One WP Migration plugin’s extensions exposes WordPress websites to attacks leading to sensitive information disclosure. Ionut ArghireAugust 31, 2023
Application Security Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites Two critical-severity authentication bypass vulnerabilities in WordPress plugins with tens of thousands of installations. Ionut ArghireJune 21, 2023
Vulnerabilities WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch PoC exploit targeting an XSS vulnerability in the Advanced Custom Fields WordPress plugin started being used in malicious attacks two days after patch. Ionut ArghireMay 15, 2023
Vulnerabilities WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks. Eduard KovacsMay 12, 2023
Vulnerabilities Vulnerability in Popular Real Estate Theme Exploited to Hack WordPress Websites A critical vulnerability in the Houzez premium WordPress theme and plugin has been exploited in the wild. Eduard KovacsFebruary 28, 2023