https://www.wordfence.com/blog/2019/05/podcast-episode-17-3-severe-wordpress-plugin-vulnerabilities/ Mikey Veenstra joins us to talk about three WordPress plugins with severe vulnerabilities affecting well over 150,000 WordPress installations. Two plugins have been patched, one has not. With Mark under deadline for a film project, Mikey also talks some security news with Kathy. We cover a Docker vulnerability, anatomy of a SIM port attack, […]
More info:
https://www.wordfence.com/blog/2019/05/podcast-episode-17-3-severe-wordpress-plugin-vulnerabilities/
https://www.wordfence.com/blog/2019/05/critical-vulnerability-patched-in-popular-convert-plus-plugin/ Description: Unauthenticated Administrator Creation
CVSS v3.0 Score: 10.0 (Critical)
CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Plugin: Convert Plus
Plugin Slug: convertplug
Affected Versions: <= 3.4.2
Patched Version: 3.4.3
On Friday May 24th, our Threat Intelligence team identified a vulnerability present in Convert Plus, a commercial WordPress plugin with an
More info:
https://www.wordfence.com/blog/2019/05/critical-vulnerability-patched-in-popular-convert-plus-plugin/
http://feedproxy.google.com/~r/sucuri/blog/~3/d8JMQVX8MLw/return-to-the-city-of-cron-malware-infections-on-joomla-and-wordpress.html We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was being created by a cron that was scheduled to download malware from a third party domain. Persistent Malware Infection on WordPress and Joomla Websites […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/d8JMQVX8MLw/return-to-the-city-of-cron-malware-infections-on-joomla-and-wordpress.html
More info:
https://wpvulndb.com/vulnerabilities/9287
https://wpvulndb.com/vulnerabilities/9289
More info:
https://wpvulndb.com/vulnerabilities/9289
https://www.wordfence.com/blog/2019/05/os-command-injection-vulnerability-patched-in-wp-database-backup-plugin/ Toward the end of April, an unnamed security researcher published details of an unpatched vulnerability in WP Database Backup, a WordPress plugin with over 70,000 users. The vulnerability, which was irresponsibly disclosed to the public before attempting to notify the plugin’s developers, was reported as a plugin configuration change flaw. A proof of concept […]
More info:
https://www.wordfence.com/blog/2019/05/os-command-injection-vulnerability-patched-in-wp-database-backup-plugin/
https://wpvulndb.com/vulnerabilities/9293
More info:
https://wpvulndb.com/vulnerabilities/9293
https://wpvulndb.com/vulnerabilities/9292
More info:
https://wpvulndb.com/vulnerabilities/9292
https://wpvulndb.com/vulnerabilities/9290
More info:
https://wpvulndb.com/vulnerabilities/9290