Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Antony Garand

22 posts
Antony Garand is Sucuri's Threat Researcher who joined the company in 2019. Antony's main responsibilities include researching vulnerabilities and dissecting malware. His professional experience covers many years of security research and development. When Antony isn't breaking stuff, you might find him at the dog park or learning new skills. Connect with him on Twitter
Duplicated WordPress Vulnerabilities
  • Website Security
  • WordPress Security

Duplicated Vulnerabilities in WordPress Plugins

  • Antony Garand
  • April 24, 2020
During a recent plugin audit, we noticed a weird pattern among many plugins responsible for performing a specific task: Duplicating a page or a post.…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • WordPress Security

Reflected XSS in Cookiebot Administrative Page

  • Antony Garand
  • March 23, 2020
A reflected XSS vulnerability has recently been found in the Cookiebot plugin plugin, impacting a user base of over 40k installs. Versions prior to 3.6.1…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Reflected XSS in Advanced Ads Admin Dashboard

  • Antony Garand
  • March 17, 2020
A patch for a vulnerability in the Advanced Ads plugin has been released. Prior to version 1.17.4, attackers were able to exploit two reflected XSS…
Read the Post
Phishing for Digital Gold
  • Website Security

Creative Phishing for Digital Gold on RuneScape

  • Antony Garand
  • February 6, 2020
RuneScape is an extremely popular massive multiplayer online game. With over 200 million generated accounts, its claim to fame is that it’s one of the…
Read the Post
Why Hackers Create Phishing Campaigns
  • Security Education
  • Website Malware Infections
  • Website Security

Why Hackers Create Phishing Campaigns

  • Antony Garand
  • December 9, 2019
Phishing is a malicious attempt to obtain personally identifiable information of a victim. The first thing to keep in mind about phishing is the goal…
Read the Post
Phishing Campaign
  • Security Education
  • Website Security

How to Recognize a Phishing Campaign

  • Antony Garand
  • November 20, 2019
Phishing attacks and campaigns have always been a hot topic in online security. With many posts tagged as “phishing” on our blog — the first…
Read the Post
WordPress Vulnerability
  • Vulnerability Disclosure
  • Website Malware Infections
  • Website Security
  • WordPress Security

WordPress Plugin WP Statistics: Unauthenticated Stored XSS Under Certain Configurations

  • Antony Garand
  • July 3, 2019
The WordPress plugin WP Statistics, which has an active installation base of 500k users, has an unauthenticated stored XSS vulnerability on versions prior to 12.6.7.…
Read the Post
WordPress Vulnerability
  • Vulnerability Disclosure
  • Website Security
  • WordPress Security

Slimstat: Stored XSS from Visitors

  • Antony Garand
  • May 21, 2019
The WordPress Slimstat plugin, which currently has over 100k installs, allows your website to gather analytics data for your WordPress website. It will track certain…
Read the Post
WordPress Vulnerability
  • Vulnerability Disclosure
  • Website Security
  • WordPress Security

WordPress Plugin Give – Stored XSS for Donors

  • Antony Garand
  • May 15, 2019
​​Give is a WordPress plugin which allows users to setup a donation page on a website. It currently has 60k installs. ​​During a recent audit…
Read the Post
WordPress Vulnerability
  • Vulnerability Disclosure
  • Website Security
  • WordPress Security

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

  • Antony Garand
  • May 13, 2019
The Ultimate member plugin version 2.0.45 and lower is affected by multiple vulnerabilities, among them is a critical vulnerability allowing malicious users to read and…
Read the Post
Revslider new vulnerability with IRC Botnet
  • Security Education
  • Website Malware Infections
  • WordPress Security

Behind the Malware – Botnet Analysis

  • Antony Garand
  • February 24, 2016
While analyzing our website firewall logs we discovered an old vulnerability being retargeted in RevSlider, a popular WordPress plugin. In 2014 / 2015, this led to massive website compromises.…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'