WordPress MalCare Security plugin <= 4.57 - Authenticated Cross-Site Scripting (XSS) vulnerability

Authenticated Cross-Site Scripting XSS vulnerability discovered by Lenon Leite in WordPress MalCare Security plugin versions = 4.57. Solution Update the WordPress MalCare Security plugin to the latest available version at least 4.58...

Critical Bug in WordPress Plugins Open Sites to Hacker Takeovers

UPDATE Security researchers are warning users of two WordPress plugins – made by Brainstorm Force – that they need to patch a “major” vulnerability that could allow hackers to gain administrative access to any website using the plugins. According to Brainstorm Force, it is only aware of one...

Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites

Attention WordPress users! Your website could easily get hacked if you are using "Ultimate Addons for Beaver Builder," or "Ultimate Addons for Elementor" and haven't recently updated them to the latest available versions. Security researchers have discovered a critical yet easy-to-exploit...

WordPress Ultimate Addons for Elementor plugin <= 1.20.0 - Authentication Bypass vulnerability

Authentication Bypass vulnerability found by MalCare in WordPress Ultimate Addons for Elementor plugin versions = 1.20.0. Solution Update the WordPress Ultimate Addons for Elementor plugin to the latest available version at least 1.20.1...

WAFW00F v1.0.0 - Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...