EHA
Home Search

WordPress - search results

If you're not happy with the results, please do another search
WordPress Plugin SQl Injection Exposes 1,000,000 Sites to Cyber Attack

WordPress Plugin SQL Injection Flaw Exposes 1,000,000 Sites to Cyber Attack

Over a million WordPress websites have been at risk due to a critical SQL Injection vulnerability discovered in the popular LayerSlider plugin. The flaw, CVE-2024-2879,...
WP-Members Plugin Flaw

WP-Members Plugin Expose WordPress Sites To Injection Attacks

A security researcher reported a critical vulnerability in the WP-Members Membership Plugin that allows attackers to inject malicious scripts and potentially take over websites.  Administrators...
WordPress Security : XSS Remains as the Most Vulnerability Exploited

WordPress Security : XSS Remains as the Most Vulnerability Exploited

Of all the security flaws discovered in the WordPress ecosystem, cross-site scripting (XSS) vulnerabilities accounted for about 53.3% of the total. As of last year,...
Hackers Selling WordPress 0-day

Hackers Selling WordPress 0-day Exploits on Hacker Forums

A new post on a hacker forum has advertised the sale of a WordPress 0-day exploit. The seller claims that the exploit, packaged as...
WordPress Bricks RCE Flaw

Critical RCE Flaw in WordPress Bricks Theme Exposes 25,000+ Sites

A critical Remote Code Execution (RCE) vulnerability in the Bricks Builder theme for WordPress has put over 25,000 websites at risk, prompting an urgent...
WP Fastest Cache Plugin Exposes Over 600K+ WordPress Sites to SQL Injection Attacks

WP Fastest Cache Plugin Exposes Over 600K+ WordPress Sites to SQL Injection Attacks

In a recent development, the WPScan team has unearthed a significant security flaw within the widely-used WP Fastest Cache plugin.  This vulnerability, categorized as an...
New WordPress Malware as Cache Plugin Creates Rogue Admin Account

New WordPress Malware as Cache Plugin Creates Rogue Admin Account

A novel kind of malware that acts as a sophisticated backdoor that can carry out several operations while impersonating a legitimate plugin has been...
Critical Vulnerability in WordPress Stripe Payment Plugin Exposes Customer Data

Critical Vulnerability in WordPress Stripe Payment Plugin Exposes Customer Data

The Wordpress Stripe Payment Gateway plugin has been vulnerable to Unauthenticated Insecure Direct Object Reference (IDOR) Vulnerability. WooCommerce developed this plugin.  The plugin version is...
WordPress Plugin XSS Flaw

Hackers Aggressively Exploiting WordPress Plugin XSS Flaw – 2 Million Sites Affected

The cybersecurity researchers at Akamai recently affirmed as web applications and third-party tools become more prevalent, the risk of cyber-attacks increases due to a...
XSS Attacks

Over 2 Million WordPress Websites Exposed to XSS Attacks

Patchstack security researchers recently warned that 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins are at risk of cross-site scripting attacks (XSS).  These...

Managed WAF

Website

Latest News