A Walk Through a Year of Website Security: Part II

Part I of our 2021 Security Walkthrough shows the initial 5 posts of our top 10.

6 – Vulnerable Plugin Exploited in Spam Redirect Campaign

It was brought to our malware research team’s attention that a vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. The type of vulnerability found is known as a privilege escalation, which essentially allows a user to gain elevated access by exploiting a bug, and can allow files to be uploaded. 

Continue reading A Walk Through a Year of Website Security: Part II at Sucuri Blog.