CVE-2024-1861

The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackertruncatescantable function in all versions up to, and including, 4.52. This mak...

CVE-2024-1861

The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackertruncatescantable function in all versions up to, and including, 4.52. This mak...

PT-2024-18369 · WordPress · Disable Json Api

Name of the Vulnerable Software and Affected Versions: Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress versions up to, and including, 4.51 Description: The issue is related to unauthorized modification of data due to a missing...

CVE-2022-3880 AntiHacker < 4.20 - Subscriber+ Arbitrary Plugin Installation

The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan WordPress plugin before 4.20 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins fro...

CVE-2022-3880 AntiHacker < 4.20 - Subscriber+ Arbitrary Plugin Installation

The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan WordPress plugin before 4.20 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins fro...

WordPress plugin AntiHacker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

AntiHacker < 4.20 - Subscriber+ Arbitrary Plugin Installation

The plugin does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org PoC Run the below command in the developer console of the web browser while being on the blog as ...

AntiHacker < 4.20 - Subscriber+ Arbitrary Plugin Installation

The plugin does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins from wordpress.org Run the below command in the developer console of the web browser while being on the blog as a...

DarkComet RAT Used in New Attack on Syrian Activists

There is a new attack campaign that’s targeting dissidents in Syria by enticing them to install an alleged security tool called AntiHacker, but instead installs the infamous DarkComet remote access tool that has the ability to log keystrokes, capture webcam images and take other surreptitious...

Kaspersky Antihacker DoS

By performing attack from spoofed addresses it's possible to block user's access to legitimate sites...

Kaspersky AntiHacker protection bypass

Firewall does not catches packet with invalid flags set...

AntiHacker

я принимал участие в бета-тестировании этого продукта и указал эту ошибку ещё в ноябре 2002 года, но от разработчиков не получил никаких сообщений, хотя и задавал вопрос об этой ошибке многократно до февраля 2003. эта ошибка была найдена в продукте Kaspersky AntiHacker v. 1.0.xxx на ОС win2k рус....