The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk.
Tag Archives: Sucuri
1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure
WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.
Attackers Capitalizing on Unpatched WordPress Sites
WordPress sites slow to update to the recent 4.7.2 security release run the risk of falling victim to a handful of defacement attacks spotted by Sucuri.
WordPress Infections Leading to TeslaCrypt Ransomware
A massive string of WordPress compromises are redirecting victims to the Nuclear Exploit Kit and Teslacrypt ransomware.
Attacks Ramp Up Against Joomla Zero Day
Researchers at Sucuri said attacks against a zero-day vulnerability in Joomla, which has been patched, have accelerated since the weekend.
Attackers Targeting Unpatched Joomla Sites Through SQL Injection Vulnerability
Attackers have been carrying out attacks on sites running old, unpatched versions of Joomla following the disclosure of a critical SQL injection vulnerability in the software last week
WordPress Fixes Critical Stored XSS Error in Akismet
Developers at Automattic fixed a stored cross-site scripting error this week in Akismet, the anti-spam plugin that figures into millions of WordPress websites.
WordPress Jetpack Plugin Patched Against Stored XSS Vulnerability
The popular Jetpack WordPress plugin was updated this week in order to patch a critical stored cross-site scripting vulnerability.
SWF Files Injecting Malicious iFrames on WordPress, Joomla Sites
Researchers have seen an uptick in Adobe Flash .SWF files being used to trigger malicious iFrames across websites.
More than 1 Million WordPress Sites Open to SQL Injection Attacks
More than one million different WordPress sites may be vulnerable to a critical plugin issue that could lead to SQL injections and in turn, total site takeover.