Global CyberSecurity

Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin

By OTC 01/19/2021

Post Views: 526

Last Updated on 01/19/2021 by OTC

In mass infection scenarios, our Malware Research team often looks for attack vectors to find patterns and other similarities among compromised websites. The identification of these patterns allows us to deploy better and faster solutions to our customers, minimizing impacts from massive attacks.

Recently during a routine investigation, we found a number of vulnerabilities in 123contactform-for-wordpress WordPress Plugin Version <= 1.5.6. These critical vulnerabilities allow attackers to arbitrarily create posts and inject malicious files to the website without any form of authentication.

Continue reading Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin at Sucuri Blog.

Comments

Comments are closed.

More in Global CyberSecurity

Global CyberSecurity

Critical Vulnerabilities in 123contactform-for-wordpress WordPress Plugin

USS Porter conducts “Atlas Handshake” exercise with the Royal Moroccan Navy

UK orders three autonomus minesweepers from Atlas Elektronik

Comments

More in Global CyberSecurity

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

Web Shells: Types, Mitigation & Removal

Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS

Cyber-Space

JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS

WordPress Maintenance: Tasks & Best Practices

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

Social EYK

PHMC GPE – WebLog

USS Porter conducts “Atlas Handshake” exercise with the Royal Moroccan Navy

UK orders three autonomus minesweepers from Atlas Elektronik

You may also like

Comments

More in Global CyberSecurity

Cyber-Space

Social EYK

PHMC GPE – WebLog