How to Secure & Harden Your Joomla! Website in 12 Steps
Victor Santoyo At Sucuri, we’re often asked how website owners and webmasters can secure their websites. However, advice can often be too broad; different content management systems…
Browsing Category
Joomla Security
84 posts
Security Lessons Learned from 2021
There’s no one specific topic or target or audience when it comes to website security. But when you clean enough hacked websites, you start to…
Backdoor Shell Dropper Deploys CMS-Specific Malware
Krasimir Konov A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and…
Vulnerabilities Digest: July 2020
John Castro Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Asset CleanUp: Page Speed Authenticated XSS 1.4.6.7 80000 Quiz And Survey Master Authenticated Stored XSS 7.0.0…
Stored XSS in Elementor
Marc-Alexandre Montpas During a routine audit of WordPress plugins last december, we discovered a Stored XSS vulnerability in the very popular Elementor Page Builder plugin, which powers…
Hacked Website Threat Report – 2019
Rianna MacLeod The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop…
Throwback Threat Thursday: JCE Vulnerability
Luke Leal Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these…
Joomla! Security Best Practices: 12 Ways to Keep Joomla! Secure
At Sucuri, we’re often asked how website owners and webmasters can secure their websites. However, most advice can often be too broad; different content management…
Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection
Fioravante Souza Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these…
Return to the City of Cron – Malware Infections on Joomla and WordPress
We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had…
.htaccess Injector on Joomla and WordPress Websites
Eugene Wozniak During the process of investigating one of our incident response cases, we found an .htaccess code injection. It had been widely spread on the website,…