WordPress Visitor statistics Plugin found Vulnerable to SQL Injection
An SQL Injection vulnerability discovered in one of the famous WordPress plugin WP Statistics, which is used by more than 300,000+ websites.
This plugin is used to find the visitor statistics and provide the graphical representation. The plugin is very useful...
WordPress Download Manager Plugin Vulnerable to Cross Site Scripting attack
Reflected XSS vulnerability found in the WordPress Download Manager opens the gate for Hackers and they also do anything an admin can do.
WordPress Download Manager is a Files / Documents Management Plugin to manage, track and control file downloads...
WordPress AffiliateWP Plugin Vulnerable for Cross-Site Scripting
Amid the security review of AffiliateWP plugin for WordPress CMS, Security Vulnerabilities was found utilizing DefenseCode ThunderScan by Neven Biruski in application source code security testing phase.
Vulnerability Description
XSS is a very commonly exploited vulnerability type which is very widely...
WordPress 4.7.5 released with patch for Six Major Security Issues Including CSRF & XSS
Most expected WordPress 4.7.5 is now available for update. This security update covers six security issues that exist with WordPress version 4.7.4 including CSRF.
Security Issues addressed
Insufficient redirect validation within the communications protocol category. Reported by Ronni Skansing.
Improper handling of...
