WordPress Bricks RCE Flaw

Critical RCE Flaw in WordPress Bricks Theme Exposes 25,000+ Sites

A critical Remote Code Execution (RCE) vulnerability in the Bricks Builder theme for WordPress has put over 25,000 websites at risk, prompting an urgent security update. The flaw, identified as CVE-2024-25600, was discovered by a...

WP Fastest Cache Plugin Exposes Over 600K+ WordPress Sites to SQL Injection Attacks

In a recent development, the WPScan team has unearthed a significant security flaw within the widely used WP Fastest Cache plugin. This vulnerability, categorized as an unauthenticated SQL injection, could potentially grant unauthorized access to sensitive...

New WordPress Malware as Cache Plugin Creates Rogue Admin Account

A novel kind of malware that acts as a sophisticated backdoor that can carry out several operations while impersonating a legitimate plugin has been identified. The malware has several features, including the ability to modify...

Critical Vulnerability in WordPress Stripe Payment Plugin Exposes Customer Data

The WordPress Stripe Payment Gateway plugin has been found vulnerable to an unauthenticated Insecure Direct Object Reference (IDOR) vulnerability. WooCommerce developed this plugin. The plugin version is 7.4.1 and has nearly 900K installations worldwide. Usually, payments are...
Hackers Exploiting WordPress Plugin

Hackers Exploiting WordPress Plugin with Over 11M Installs

One of the most popular WordPress plugins, Elementor Pro, used by over eleven million websites, is vulnerable to a high-severity vulnerability that hackers have actively exploited. More than 12 million sites powered by WordPress have...
GoTrim Actively Brute Forces WordPress

GoTrim Actively Brute Forces WordPress Websites to Gain Admin Access

GoTrim, a new botnet malware that is based on the Go language, has been spotted searching the internet for self-hosted WordPress (WP) sites in an attempt to brute force the admin's password and take...
Updraftplus plugin flaw

WordPress Plugin with Over 3 Million Installations Lets Subscribers Download Sensitive Backups

UpdraftPlus is a plugin used by most WordPress sites for backing up data. This plugin is used by almost three million people worldwide. Previously, it was reported that this plugin was vulnerable to...
Jetpack Security Flaw

Jetpack Plugin With 5 Million Active Installations Suffered a Security Flaw

Jetpack is a plugin suite that combines essential WordPress features into one large plugin. It provides free security, performance, marketing, and website management features. With Jetpack, you can: Get a safer, stronger site via secure...

Cable vs. Satellite TV: Which One to Choose?

We all get confused when it comes to cable TV and satellite TV. Some people suggest that we go for cable TV while others recommend satellite TV. So, which one to choose? In this particular guide, we...
Site kit

Critical Vulnerability in Google Plugin Let Hackers Gain Access to Vulnerable Site’s Google Search...

Researchers discovered a critical vulnerability in Google's official WordPress plugin "Site Kit by Google" that simply allows any verified user, in spite of competence, to become the Google Search Console owner for any website...
