CVE/vulnerability
30,000 WordPress Sites Exposed to Exploitation via File Upload Vulnerability
A critical security vulnerability in the "Security & Malware scan by CleanTalk" plugin has left over 30,000 WordPress websites exposed to exploitation.The vulnerability, identified as CVE-2024-13365, allows unauthenticated attackers to...
Cyber Security News
10,000 WordPress Websites Hacked to Distributing MacOS and Microsoft Malware
Over 10,000 WordPress websites have been hijacked to deliver malicious software targeting both macOS and Windows users.Researchers revealed this week how attackers leveraged vulnerabilities...
CVE/vulnerability
WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking
Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled Easy Real Estate plugin...
CVE/vulnerability
200,000 WordPress Sites Exposed to Cyber Attack, Following Plugin Vulnerability
A critical security vulnerability has been discovered in the popular WordPress plugin Anti-Spam by CleanTalk, which is installed on over 200,000 websites.The vulnerability, which...
CVE/vulnerability
Unauthenticated RCE in WordPress Plugin Exposes 100,000 WordPress Sites
A critical vulnerability has been discovered in the GiveWP plugin, a popular WordPress donation and fundraising platform.This vulnerability, CVE-2024-5932, exposes over 100,000 WordPress sites...
Cyber Security News
WordPress Plugin Flaw Exposes 90K+ Websites to Hack Attack
Over 90,000 websites are currently at risk due to a vulnerability found in the WordPress Backup Migration Plugin. This vulnerability has enabled unauthenticated remote...
Cyber Security News
WordPress POP Chain Flaw Exposes Over 800M+ Websites to Attack
A critical remote code execution vulnerability has been patched as part of the Wordpress 6.4.2 version.This vulnerability exists in the POP chain introduced...
Exploit
Zero-day Stored XSS Vulnerability in WordPress Social Share Plug-in let Hackers to Compromise 70,000 Websites
Researchers discovered a critical Stored XSS Zero-day flaw in widely used social sharing plug-in called "Social Warfare" let attackers inject the malicious script and...