Lucene search
K

5 matches found

The Hacker News
The Hacker News
added 2024/06/25 3:32 a.m.24 views

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the...

7.2AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2024/06/24 3:21 p.m.17 views

Supply Chain Attack on WordPress.org Plugins Leads to 5 Maliciously Compromised WordPress Plugins

On Monday June 24th, 2024 the Wordfence Threat Intelligence team became aware of a plugin, Social Warfare, that was injected with malicious code on June 22, 2024 based on a forum post by the WordPress.org Plugin Review team. We immediately checked the malicious file and uploaded it to our interna...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/06/27 9:11 p.m.51 views

Red Hen website suffers SEO spam compromise

If you're thinking about checking out the website owned by the restaurant that asked White House press secretary Sarah Huckabee Sanders to leave the premises, you might want to hold off. There's some site compromise action afoot. Although the homepage appears to be acting in a perfectly normal...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2017/02/07 6:41 p.m.18 views

Thousands of WordPress Sites Hacked Using Recently Disclosed Vulnerability

Last week, we reported about a critical zero-day flaw in WordPress that was silently patched by the company before hackers have had their hands on the nasty bug to exploit millions of WordPress websites. To ensure the security of millions of websites and its users, WordPress delayed the...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2017/02/07 4:7 p.m.13 views

Attackers Capitalizing on Unpatched WordPress Sites

Attackers didn’t wait long to capitalize on laggards slow in updating their WordPress sites to patch a critical content injection vulnerability addressed in WordPress 4.7.2. The update was made public on Jan. 26 with WordPress disclosing six days later that the update also included a silent fix f...

7.6AI score
Exploits0References5
Rows per page
Query Builder