The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution.
The post Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover appeared first on SecurityWeek.
Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks
The issue allows attackers to inject SQL queries and extract sensitive information from the database.
The post Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks appeared first on SecurityWeek.
Critical King Addons Vulnerability Exploited to Hack WordPress Sites
A critical-severity vulnerability in the King Addons for Elementor plugin for WordPress has been exploited to take over websites.
The post Critical King Addons Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.
Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover
The critical vulnerability allows attackers to read arbitrary emails, including password reset messages.
The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.
Year-Old WordPress Plugin Flaws Exploited to Hack Websites
Roughly 9 million exploit attempts were observed this month as mass exploitation of the critical vulnerabilities recommenced.
The post Year-Old WordPress Plugin Flaws Exploited to Hack Websites appeared first on SecurityWeek.
Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations
The Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain unpatched.
The post Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations appeared first on SecurityWeek.
Hackers Inject Malware Into Gravity Forms WordPress Plugin
Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack.
The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.
Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover
A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites.
The post Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover appeared first on SecurityWeek.
Motors Theme Vulnerability Exploited to Hack WordPress Websites
Threat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords.
The post Motors Theme Vulnerability Exploited to Hack WordPress Websites appeared first on SecurityWeek.
Second OttoKit Vulnerability Exploited to Hack WordPress Sites
Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges.
The post Second OttoKit Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.
