WordPress is a free and open-source content management system (CMS) written in PHP and paired with a MySQL or MariaDB database. A content management system is a tool that makes it easy to manage important aspects of your website without needing to know anything about programming. It powers over 35.2% (more than one in four) of all the websites on the Internet. WordPress features include a plugin architecture and a template system, referred to within WordPress as Themes. WordPress allows your site to run, lets you edit the content of the site and create new posts and pages, and makes sure that your website displays correctly on all devices.
Popular services, programs, and organizations have always been a target of cyber attacks to exploit the vulnerabilities in the service, steal users’ information, steal sensitive corporate information, or compromise the infrastructure. We have gathered the major cyber news over the past week including Cerberus RAT, WordPress plugin vulnerabilities, Cisco Webex phishing emails, Cisco update, and…
Vulnerabilities will always exist in systems, and vendors always come up with mitigations and updates to prevent potential attacks. Popular services and programs have long been a target of attacks to exploit the service itself or the users. We have gathered the major cyber news over the past week including WordPress plugin vulnerabilities, Adobe updates,…
WordPress security plugin, Wordfence, discovered two high severity vulnerabilities in the WordPress SEO Plugin – Rank Math. The vulnerabilities, if exploited, allow unauthorized attackers to grant or revoke administrative privileges or lock admins out. The privilege escalation vulnerability in the WordPress SEO plugin, Rank Math, allows attackers to grant administrative access to any registered user…
WordPress security plugin, Wordfence, released security patches for the vulnerable ThemeREX Addons plugin; they previously released a firewall rule for the Wordfence Premium users. Wordfence published a list of all affected ThemeREX themes and their patched versions, along with the vulnerable versions of the ThemeREX Addons plugin and the corresponding newly patched versions. ThemeREX Creates…
‘ThemeGrill Demo Importer’ is a popular WordPress theme plugin that has over 200,000 installations. It has recently been discovered that the plugin contains a significant vulnerability that could allow unauthenticated cybercriminals to gain control over many websites and blogs if they are not patched. It was discovered that the vulnerability has existed in the ThemeGrill plugin for the past…
‘ThemeGrill Demo Importer’ is a popular WordPress theme plugin that has over 200,000 installations. It has recently been discovered that the plugin contains a significant vulnerability that could allow unauthenticated cybercriminals to gain control over numerous websites and blogs if they are unpatched. It was discovered that the vulnerability has existed in the ThemeGrill plugin…
Two WordPress plugins, InfiniteWP Client and WP Time Capsule, contain critical security vulnerabilities that allow adversaries to access a site’s backend with no password. The vulnerability is due to a logical mistake and has opened up an estimated 320,000 websites to exploitation. InfiniteWP allows users to manage an unlimited number of WordPress sites from their servers. And WP…