Advertisement
Top

Websites Hacked via Zero-Day Flaws in WordPress Plugins

October 3, 2017

Via: Security Week
Category:

Zero-day flaws affecting several WordPress plugins have been exploited by malicious actors to plant backdoors and take control of vulnerable websites.

The attacks have been spotted by Wordfence, a company that specializes in protecting WordPress websites.

The firm’s investigation revealed that attackers had been exploiting previously unknown vulnerabilities in three WordPress plugins. The flaws, described as critical PHP object injection issues, affect the Appointments, Flickr Gallery, and RegistrationMagic-Custom Registration Forms plugins.

Read More on Security Week

RELATED PUBLICATIONS

US water facility OT infrastructure is under attack again
Network specialist debuts free tool that promises to solve VPN and ZTNA connectivity issues for good
Passwords under seven characters can be easily cracked

Latest Publications

Chinese government website security is often worryingly bad, say Chinese researchers
Indonesia sneakily buys spyware, claims Amnesty International
97% of security leaders have increased SaaS security budgets
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!