Advisory – Dangerous “nonce” Leak in UpdraftPlus
Marc-Alexandre Montpas If you’re a user of the UpdraftPlus plugin for WordPress, now is the time to update. During a routine audit of our Website Firewall (WAF),…
Browsing Category
Security Advisory
215 posts
AdSense Abused with Malvertising Campaign
Denis Sinegubko Last weekend we noticed a large number of requests to scan websites for malware because they randomly redirected to some “magazine” websites. Most of them…
New Malware Campaign – WPcache-Blogger – Affects Thousands more WordPress Websites via RevSlider
Daniel Cid If SoakSoak wasn’t enough, we are starting to see a new malware campaign leveraging the RevSlider vulnerability and compromising thousands of WordPress sites in the…
SoakSoak Malware Compromises 100,000+ WordPress Websites
Tony Perez This Sunday has started with a bang. Google has blacklisted over 11,000 domains with this latest malware campaign from SoakSoak.ru: Our analysis is showing impacts…
Security Advisory – High Severity– WordPress Download Manager
Mickael Nadeau If you’re using the popular WP Download Manager plugin (around 850,000 downloads), you should update right away. During a routine audit for our Website Firewall…
Security Advisory – High Severity – InfiniteWP Client WordPress plugin
If you’re using the InfiniteWP WordPress Client plugin to manage your website, now is a good time to update. While doing a routine audit of…
JoomDonation Compromised
We are receiving reports from many users of the popular JoomDonation platform that they received a very scary email from someone that supposedly hacked into…
Security Advisory – High severity – WP-Statistics WordPress Plugin
If you’re using the WP-Statistics WordPress plugin on your website, now is the time to update. While doing a routine audit for our Website Firewall…
Security Advisory – Medium Severity – WP eCommerce WordPress Plugin
If you’re using the popular WP eCommerce WordPress plugin (2,900,000 downloads), you should update it right away. During a routine audit for our Website Firewall…
Highly Critical SQL Injection Vulnerability Patched in Drupal Core
The Drupal team just released a security update for Drupal 7.x to address a highly critical SQL injection vulnerability. This bug can be exploited remotely…
Security Advisory – Hikashop Extension for Joomla!
In a routine audit of our Website Firewall we discovered a serious vulnerability within the Hikashop ecommerce product for Joomla! allowing remote code execution on…