Tag Archives: WordPress

Hackers compete for vulnerable WordPress sites

Hackers compete for WordPress sites

Recently, a dangerous vulnerability was found in the File Manager plugin for WordPress that allows uploading malicious files to sites. Hackers have already started competing for WordPress sites that are affected by this vulnerability. The File Manager plugin is used by over 700,000 resources, and although the vulnerability has already …

Read More »

Hackers attacked 900,000 WordPress sites over a week

Hackers attacked sites on WordPress

Wordfence specialists noticed that a group of hackers launched a large-scale campaign against WordPress sites. Using various known vulnerabilities, hackers attacked almost a million resources over the last week. This is not the first malicious campaign aimed at WordPress users, but the scale this time, and even against the backdrop …

Read More »

Cybercriminals hide malicious WordPress plugins in visible places

Malicious wordpress plugins hide

To gain access to sites based on the WordPress content management system, attackers use malicious plugins with backdoor functions that are hidden in visible place. According to Sucuri experts, the functionality of some of these plugins, in particular initiatorseo and updrat123, was copied from the extremely popular UpdraftPlus plugin designed …

Read More »

Analysts found vulnerabilities in WordPress plugin that means security threat for nearly 800 000 websites

Sucuri company specialists found significnat vulnerabilities in Duplicate Page plugin. This plugin is installed and works on more than 800 000 WordPress–powered websites. Discovered error allows to a user with minimal privileges (for instance to subscriber) implementing a side code with obtaining access to administrator’s password and other confidential information. …

Read More »