Wordpress

WordPress Plugin Vulnerability Exposes 23k+ Websites to HackingWordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking

WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking

Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled…

2 months ago
Credit Card Skimmer Hits WordPress Checkout Pages, Stealing Payment DataCredit Card Skimmer Hits WordPress Checkout Pages, Stealing Payment Data

Credit Card Skimmer Hits WordPress Checkout Pages, Stealing Payment Data

Researchers analyzed a new stealthy credit card skimmer that targets WordPress checkout pages by injecting malicious JavaScript into the WordPress…

3 months ago
New WordPress Plugin That Weaponizes Legit Sites To Steal Customer Payment DataNew WordPress Plugin That Weaponizes Legit Sites To Steal Customer Payment Data

New WordPress Plugin That Weaponizes Legit Sites To Steal Customer Payment Data

Cybercriminals have developed PhishWP, a malicious WordPress plugin, to facilitate sophisticated phishing attacks, which enable attackers to create convincing replicas…

3 months ago
200,000 WordPress Sites Exposed to Cyber Attack, Following Plugin Vulnerability200,000 WordPress Sites Exposed to Cyber Attack, Following Plugin Vulnerability

200,000 WordPress Sites Exposed to Cyber Attack, Following Plugin Vulnerability

A critical security vulnerability has been discovered in the popular WordPress plugin Anti-Spam by CleanTalk, which is installed on over 200,000…

4 months ago
4M+ WordPress Websites to Attacks, Following Plugin Vulnerability4M+ WordPress Websites to Attacks, Following Plugin Vulnerability

4M+ WordPress Websites to Attacks, Following Plugin Vulnerability

A critical vulnerability has been discovered in the popular "Really Simple Security" WordPress plugin, formerly known as "Really Simple SSL,"…

5 months ago
ClickFix Malware Infect Website Visitors Via Hacked WordPress WebsitesClickFix Malware Infect Website Visitors Via Hacked WordPress Websites

ClickFix Malware Infect Website Visitors Via Hacked WordPress Websites

Researchers have identified a new variant of the ClickFix fake browser update malware distributed through malicious WordPress plugins. These plugins,…

5 months ago
Unauthenticated RCE in WordPress Plugin Exposes 100,000 WordPress SitesUnauthenticated RCE in WordPress Plugin Exposes 100,000 WordPress Sites

Unauthenticated RCE in WordPress Plugin Exposes 100,000 WordPress Sites

A critical vulnerability has been discovered in the GiveWP plugin, a popular WordPress donation and fundraising platform. This vulnerability, CVE-2024-5932,…

8 months ago
Hackers Actively Exploiting WordPress Plugin Arbitrary File Upload VulnerabilityHackers Actively Exploiting WordPress Plugin Arbitrary File Upload Vulnerability

Hackers Actively Exploiting WordPress Plugin Arbitrary File Upload Vulnerability

Hackers have been actively exploiting a critical vulnerability in the WordPress plugin 简数采集器 (Keydatas). The vulnerability, CVE-2024-6220, allows unauthenticated threat…

8 months ago
SocGholish Malware Attacking Windows Users Using Fake Browser UpdateSocGholish Malware Attacking Windows Users Using Fake Browser Update

SocGholish Malware Attacking Windows Users Using Fake Browser Update

The SocGholish downloader has been in operation since 2017 and it is still evolving. This malware, which poses as a…

8 months ago
Hackers Exploit Multiple WordPress Plugins to Hack Websites & Create Rogue Admin AccountsHackers Exploit Multiple WordPress Plugins to Hack Websites & Create Rogue Admin Accounts

Hackers Exploit Multiple WordPress Plugins to Hack Websites & Create Rogue Admin Accounts

Wordfence Threat Intelligence team identified a significant security breach involving multiple WordPress plugins.  The initial discovery was made when the…

9 months ago