Tag: Wordpress plugin

Here you will find all the articles with the tag: Wordpress plugin.

Vulnerability in popular WordPress plugin affects million websites

Vulnerability in popular WordPress plugin affects million websites

The WordPress plugin Better Search Replace has a critical vulnerability that hackers are actively exploiting. That's what the security experts at Wordfence Intelligence found. The popular WordPress plugin Better Search Replace has over 1 million installs worldwide. The plugin allows WordPress to... Read more

date4 months ago
150,000 WordPress sites at risk due to vulnerable SMTP plug-in

150,000 WordPress sites at risk due to vulnerable SMTP plug-in

A popular WordPress plug-in intended to send emails faster has been found to leave 150,000 websites vulnerable to a takeover. The developer of the POST SMTP plugin has acted swiftly, meaning a patch is already available. Wordfence reports that the vulnerability was submitted during a bug bounty ... Read more

date4 months ago
WordPress security plugin AIOS saved passwords as plain text

WordPress security plugin AIOS saved passwords as plain text

The WordPress security plugin All-In-One Security (AIOS) created a security flaw of its own accord. Because of a bug, the tool collected passwords and stored them as plain text in a database. AIOS for WordPress is installed on more than 1 million websites and provides security for WordPress webs... Read more

date10 months ago
Hackers exploit zero-day in WordPress plugin Ultimate Member

Hackers exploit zero-day in WordPress plugin Ultimate Member

Hackers have once again found a way to break into WordPress accounts. This time, a zero-day in the Ultimate Member plugin grants access. Hackers can penetrate 200,000 WordPress websites through a zero-day in the Ultimate Member plugin. The plugin serves website visitors with a simple account re... Read more

date11 months ago
WordPress patches, but plugin remains vulnerable without update

WordPress patches, but plugin remains vulnerable without update

Two WordPress plugins have received updates to fix vulnerabilities. The security-focused Jetpack plugin is managed by Automattic, the company behind WordPress. In that instance, the company opted for a force install: 5 million websites are said to have already been patched. Another plugin, Gravi... Read more

date12 months ago
WordPress Elementor plugin bug poses a catastrophic threat

WordPress Elementor plugin bug poses a catastrophic threat

WordPress Elementor contains a bug that poses a catastrophic security threat. The vulnerability affects over 1 million WordPress sites and can expose private information or even cause site deletion. This week BleepingComputer reported that "Essential Addons for Elementor", one of WordPress's mos... Read more

date1 year ago
WordPress plugin Elementor Pro vulnerable to attacks

WordPress plugin Elementor Pro vulnerable to attacks

The widely used WordPress plugin Elementor Pro can be abused to take over websites. According to a NinTechNet researcher, Elementor Pro has a vulnerability that allows cybercriminals to take over millions of websites. The vulnerability affects the plugin's access control. At issue is a compon... Read more

date1 year ago
WordPress hit with two critical-severity vulnerabilities

WordPress hit with two critical-severity vulnerabilities

Patchstack warns that hackers may exploit two premium add-ons primarily used on real estate websites. The Houzez theme plugin, which costs $69, claims to serve over 35,000 customers in the real estate industry by offering easy listing management and a smooth customer experience. According to Pat... Read more

date1 year ago
WordPress websites get a forced update

WordPress websites get a forced update

The UpdraftPlus vulnerability allowed anyone to make database backups, but a patch has been force installed on millions of WordPress sites to fix this issue WordPress recently launched a forced update to millions of websites to fix a critical vulnerability found in the UpdraftPlus plugin. It all... Read more

date2 years ago
1 2