Hackers Exploit Multiple WordPress Plugins to Hack Websites & Create Rogue Admin Accounts

Wordfence Threat Intelligence team identified a significant security breach involving multiple WordPress plugins.  The initial discovery was made when the…

4 weeks ago

Mal.Metrica Malware Hijacks 17,000+ WordPress Sites

Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past CAPTCHA…

3 months ago

Sign1 Malware Hijacked 39,000 WordPress Websites

A client's website was experiencing random pop-ups as server side scanner logs revealed a JavaScript injection related to Sign1, which…

4 months ago

Discontinued WordPress Plugin Flaw Exposes Websites to Cyber Attacks

A critical vulnerability was discovered in two plugins developed by miniOrange. The affected plugins, miniOrange’s Malware Scanner and Web Application…

4 months ago

Hacked WordPress Sites Using Visitors’ Browsers For Distributed Brute Force Attacks

Researchers recently uncovered distributed brute force attacks on target WordPress websites using the browsers of innocent site visitors.  A recent increase…

5 months ago

Hackers Exploit WordPress Plugin Flaw to Deploy Godzilla Web Shell

Hackers have been found exploiting a vulnerability in a WordPress Plugin 3DPrint Lite(CVE-2021-4436) to deploy the notorious Godzilla Web Shell.…

5 months ago

WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking

A critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000…

5 months ago

WordPress Plugin Flaw Exposes 90K+ Websites to Hack Attack

Over 90,000 websites are currently at risk due to a vulnerability found in the WordPress Backup Migration Plugin. This vulnerability…

7 months ago

Critical Jetpack WordPress Flaw Exposes Millions of Website

This vulnerability could be used by authors on a site to manipulate any files in the WordPress installation

1 year ago

WordPress Plugin Flaw Let Attackers Hijack 1m Websites

The widely-used Elementor plugin, "Essential Addons for Elementor," has been discovered to have a security flaw that enables unauthorized users…

1 year ago