WordPress quickly turned around a patch for a stored cross-site scripting zero-day vulnerability in the CMS’ core engine.
Tag Archives: wordpress
Details on WordPress Zero Day Disclosed
A Finnish researcher has disclosed details on an unpatched stored cross-site scripting vulnerability in the WordPress core engine.
Australian government issues warning over ‘ISIS hacks’
Australia’s federal government has issued a warning over the spate of recent website hacks claiming to have links with extremist group ISIS.
The post Australian government issues warning over ‘ISIS hacks’ appeared first on We Live Security.
Peristent XSS Vulnerability Plagues WordPress Plugin
A persistent cross-site scripting (XSS) vulnerability exists in some versions of a popular WordPress caching engine plugin.
SWF Files Injecting Malicious iFrames on WordPress, Joomla Sites
Researchers have seen an uptick in Adobe Flash .SWF files being used to trigger malicious iFrames across websites.
SQL Injection Bug Fixed in Popular WordPress SEO Plug-In
Popular search engine optimization plugin, SEO by Yoast fixed a blind SQL injection vulnerability yesterday that could be exploited to take control of affected sites.
More than 1 Million WordPress Sites Open to SQL Injection Attacks
More than one million different WordPress sites may be vulnerable to a critical plugin issue that could lead to SQL injections and in turn, total site takeover.
Lack of CSPRNG Threatens WordPress Sites
WordPress has become a huge target for attackers and vulnerability researchers, and with good reason. The software runs a large fraction of the sites on the Internet and serious vulnerabilities in the platform have not been hard to come by lately. But there’s now a new bug that’s been disclosed in all versions of WordPress that […]
Enterprise Apps in Scope of Ghost glibc Vulnerability
Researchers at Veracode examined whether enterprise applications were also vulnerable to the Ghost vulnerability in glibc.
Zero-day exploit affects popular WordPress plugin
The Fancybox plugin for WordPress has been hit by a zero-day exploit that allows hackers to inject malicious code into websites, reports ZDNet.
The post Zero-day exploit affects popular WordPress plugin appeared first on We Live Security.