20,000 WordPress Websites Infected via Trojanized Themes
An active supply chain campaign that has been ongoing since late 2017 has infected at least 20,000 websites via malicious WordPress themes and plugins,...
Tagged: WordPress
WordPress botnet deploys anti-adblocker script to make sure its spammy ads are profitable
The threat actor behind the internet’s largest WordPress botnet is using an anti-adblocker script to make sure the ads they inject on hacked sites...
WordPress Websites Hacked via Vulnerabilities in Two Themes Plugins
Vulnerabilities in two popular WordPress plugins, ThemeREX Addons and ThemeGrill Demo Importer, are being exploited to hack websites. The vulnerability affecting the ThemeGrill Demo...
Hackers exploit zero-day in WordPress plugin to create rogue admin accounts
Image: ZDNet, WordPress Hackers are exploiting a zero-day vulnerability in a WordPress plugin made by ThemeREX, a company that sells commercial WordPress themes. The...
hacking wordpress / Vulnerability / WordPress / WordPress plugin / Wordpress plugin vulnerability / WordPress Security / WordPress Theme
Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers
A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated...
Bug in WordPress plugin can let hackers wipe up to 200,000 sites
WordPress site owners who use commercial themes provided by ThemeGrill are advised to update one of the plugins that come installed with these themes...
Flaw in WordPress Themes Plugin Allowed Hackers to Become Site Admin
A serious vulnerability found in a WordPress themes plugin with over 200,000 active installations can be exploited to wipe a website’s database and gain...
Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent
Threat Intelligence Index Report from IBM X-Force Christopher Scott, Global remediation lead, IBM X-Force incident response and intelligence services, sits down with Tonya Hall...
Flaw in ‘Code Snippets’ Plugin Exposed Many WordPress Sites to Attacks
Popular WordPress plugin Code Snippets recently received a patch for a high-severity vulnerability that can be exploited to take control of affected websites. The...
WordPress plugin vulnerability can be exploited for total website takeover
Critical bugs in WordPress plugins put over 300,000 websites at risk If you use these plugins you should update immediately as firewall protection will...