WordPress Vulnerability Roundup: January 2021, Part 1

New WordPress plugin and theme vulnerabilities were disclosed during the first half of January. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress […] More info: https://ithemes.com/wordpress-vulnerability-roundup-january-2021-part-1/

WordPress Vulnerability Roundup: January 2021, Part 1

New WordPress plugin and theme vulnerabilities were disclosed during the first half of January. This post covers the recent WordPress plugin, theme, and core vulnerabilities and what to do if you run one of the vulnerable plugins or themes on your website. The WordPress Vulnerability Roundup is divided into three different categories: WordPress core, WordPress […] More info: https://ithemes.com/wordpress-vulnerability-roundup-january-2021-part-1/

Unauthenticated Remote Code Execution in e-signature plugin

During a recent audit we discovered an unauthenticated remote code execution in the plugin e-signature. All versions less than 1.5.6.8 are vulnerable. Disclosure / Response Timeline January 7, 2021: Initial […] More info: https://pagely.com/blog/unauthenticated-remote-code-execution-in-e-signature-plugin/

Unauthenticated Remote Code Execution in e-signature plugin

During a recent audit we discovered an unauthenticated remote code execution in the plugin e-signature. All versions less than 1.5.6.8 are vulnerable. Disclosure / Response Timeline January 7, 2021: Initial […] More info: https://pagely.com/blog/unauthenticated-remote-code-execution-in-e-signature-plugin/

Hacking WordPress websites & stealing WordPress passwords

A detailed explanation of how attackers use Man-in-the-Middle (MitM) to hack WordPress websites and login credentials. This article is for educational purposes only. Like any other web application with a login form, WordPress submits your username and password in an HTTP request when logging in. By default, HTTP is not an encrypted protocol. That means […] More info: https://www.wpwhitesecurity.com/hacking-wordpress-websites-passwords/

Hacking WordPress websites & stealing WordPress passwords

A detailed explanation of how attackers use Man-in-the-Middle (MitM) to hack WordPress websites and login credentials. This article is for educational purposes only. Like any other web application with a login form, WordPress submits your username and password in an HTTP request when logging in. By default, HTTP is not an encrypted protocol. That means […] More info: https://www.wpwhitesecurity.com/hacking-wordpress-websites-passwords/

OpenSSL vulnerability CVE-2020-1971

OpenSSL vulnerability CVE-2020-1971 Security Advisory Security Advisory Description The X.509 GeneralName type is a generic type for representing different types of names. One of those name types ... More info: https://support.f5.com/csp/article/K42910051?utm_source=f5support&utm_medium=RSS

OpenSSL vulnerability CVE-2020-1971

OpenSSL vulnerability CVE-2020-1971 Security Advisory Security Advisory Description The X.509 GeneralName type is a generic type for representing different types of names. One of those name types ... More info: https://support.f5.com/csp/article/K42910051?utm_source=f5support&utm_medium=RSS
Translate »