Global CyberSecurity
WordPress Malware Disables Security Plugins to Avoid Detection
Post Views: 1,798 An alarm or monitoring system is a great tool that can be used to improve the security of a home ...
Global CyberSecurity
Reflected XSS in WordPress Plugin Admin Pages
Post Views: 1,629 The administrative dashboard in WordPress is a pretty safe place: Only elevated users can access it. Exploiting a plugin’s admin ...
Global CyberSecurity
Insufficient Privilege Validation in NextScripts: Social Networks Auto-Poster
Post Views: 2,141 NextScripts: Social Networks Auto-Poster is a plugin that automatically publishes posts from your blog to your Social Media accounts such ...
Global CyberSecurity
Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites
Post Views: 1,711 Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access ...
Global CyberSecurity
Using assert() to Execute Malware in PHP 7 Environments
Post Views: 1,345 Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the ...
Global CyberSecurity
Persistent WordPress User Injection
Post Views: 1,514 Our team recently stumbled across an interesting example of malicious code used to add an arbitrary user inside WordPress. The ...
Global CyberSecurity
Magento Multiversion (1.x/2.x) Backdoor
Post Views: 2,177 The Magento 1 EOL date has already passed, however it’s evident that a large number of websites will continue to ...
