Vulnerable plugins plague the CMS website security landscape
Vulnerable plugins, extensions, and default settings are responsible for a high rate of website compromise, according to new research. Content management systems (CMSs) are...
Tagged: Plugins
Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes
In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer’s website were backdoored with malicious...
High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor...
Hackers Start Exploiting Recent Vulnerabilities in Thrive Theme WordPress Plugins
Over 100,000 WordPress websites could be exposed to attacks targeting a couple of recently addressed vulnerabilities affecting Thrive Theme plugins, warns the Wordfence Threat...
Flaws in Two Popular WordPress Plugins Affect Over 7 Million Websites
Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a...
Pirated themes and plugins are the most widespread threat to WordPress sites
Image: ZDNet, WordPress Pirated (aka nulled) themes and plugins were the most common source of malware infections on WordPress sites in 2020, according to...
Flaws in Ninja Forms, LearnPress Plugins Exposed WordPress Sites to Attacks
High-severity vulnerabilities patched in the Ninja Forms and LearnPress WordPress plugins could be exploited to take over vulnerable sites, WordPress security company Defiant reports....
Critical Bugs Found in 3 Popular e-Learning Plugins for WordPress Sites
Security researchers are sounding the alarm over newly discovered vulnerabilities in some popular online learning management system (LMS) plugins that various organizations and universities...
WordPress to add auto-update feature for themes and plugins
The WordPress developer team is working on adding an auto-update mechanism to themes and plugins, a common source of website hacks, primarily because site...
WordPress Websites Hacked via Vulnerabilities in Two Themes Plugins
Vulnerabilities in two popular WordPress plugins, ThemeREX Addons and ThemeGrill Demo Importer, are being exploited to hack websites. The vulnerability affecting the ThemeGrill Demo...