Researchers at Veracode examined whether enterprise applications were also vulnerable to the Ghost vulnerability in glibc.
Tag Archives: Sucuri
Following Exploits, Zero Day in WordPress Plugin FancyBox Patched
Developers have patched a zero day vulnerability in FancyBox, a plug-in for WordPress, which allowed malware to be added, via an iFrame, to infected sites.
PHP Applications, WordPress Subject to Ghost glibc Vulnerability
Researchers at Sucuri revealed that applications such as WordPress that support PHP could also be subject to the Ghost vulnerability in glibc.
Backdoors Found Leveraging Pastebin
Instead of relying on their own sites to host malware, hackers are using a series of strings of malicious backdoor code on Pastebin sites and calling upon it to execute malware.
WordPress Symposium Plug-In Plagued by File Upload Vulnerability
Researchers warn that since public disclosure of a file-upload vulnerability in the WordPress Symposium plug-in and the availability of proof-of-concept exploit code, scans and exploit attempts are on the rise.
Custom Websites Running HD FLV Player Plugin Vulnerable to Attack
CMS providers Joomla and WordPress have patched an arbitrary file download vulnerability in the HD FLV Player plug-in, but custom websites running the plug-in independently remain at risk.
WordPress 4.0.1 Update Patches Critical XSS Vulnerability
The latest version of WordPress, 4.0.1, patches a critical cross-site scripting vulnerability in comment fields that enables admin-level control over a website.