Morioh
Login
Mckayla Quigley

Mckayla Quigley

2 years ago

WordPress plugins continue to offer an attractive avenue of attack for cybercriminals.

In January, researchers warned of two vulnerabilities (one critical) in a WordPress plugin called Orbit Fox that could allow attackers to inject malicious code into vulnerable websites and/or take control of a website. Also that month, a plugin called PopUp Builder, used by WordPress websites for building pop-up ads for newsletter subscriptions, was found to have a vulnerability could be exploited by attackers to send out newsletters with custom content, or to delete or import newsletter subscribers.

And in February, an unpatched, stored cross-site scripting (XSS) security bug was found to potentially affect 50,000 Contact Form 7 Style plugin users.

#wordpress #cyberattackers #plugin #bug

Cyberattackers Exploiting Critical WordPress Plugin Bug

threatpost.com

Cyberattackers Exploiting Critical WordPress Plugin Bug

The Plus Addons for Elementor plugin for WordPress has a critical security vulnerability that attackers can exploit to quickly, easily and remotely take over a website. First reported as a zero-day bug, researchers said it’s being actively attacked in the wild.

1.20 GEEK