Joomla! 3.3.5 Released – Fixing High Priority Security Issues
Daniel Cid Update: It seems like there is a glitch in the new version and the Joomla team is urging its users not to upgrade yet. From…
Browsing Category
Vulnerability Disclosure
254 posts
Bash – ShellShocker – Attacks Increase in the Wild – Day 1
The Bash ShellShocker vulnerability was first disclosed to the public yesterday. Just a few hours after the initial release, we started to see a few…
Bash Vulnerability – Shell Shock – Thousands of cPanel Sites are High Risk
The team behind the Bash project (the most common shell used on Linux) recently issued a patch for a serious vulnerability that could allow for…
Security Advisory – Hikashop Extension for Joomla!
Marc-Alexandre Montpas In a routine audit of our Website Firewall we discovered a serious vulnerability within the Hikashop ecommerce product for Joomla! allowing remote code execution on…
WordFence WordPress Security Plugin Pushes a Security Update
David Dede If you are one of the many users of the WordPress Security Plugin, WordFence, we highly encourage you to update. They recently pushed out a…
Security Advisory – VirtueMart Extension for Joomla!
If you’re using the popular VirtueMart Joomla! extension (more than 3,500,000 downloads), you should update right away. During a routine audit for our Website Firewall (WAF)…
Slider Revolution Plugin Critical Vulnerability Being Exploited
12.17.2014: See more information on the SoakSoak massive malware outbreak resulting from this vulnerability: RevSlider Vulnerability Leads To Massive WordPress SoakSoak Compromise by Daniel Cid…
Security Advisory – Akeeba Backup for Joomla!
We have also released a more recent post exploring this vulnerability further: The Details Behind the Akeeba Backup Vulnerability If you’re a user of the…
Critical Vulnerability Disclosed on WordPress Custom Contact Forms Plugin
If you’re a using the Custom Contact Forms WordPress plugin, you need to update it right away. During a routine audit for our WAF, we…
WordPress and Drupal Core Denial Of Service Vulnerability – Moderately Critical
Both WordPress and Drupal are affected by a DoS (denial of service) vulnerability on the PHP XML parser used by their XMLRPC implementations. The issue…
Responsible Disclosure – Sucuri Open Letter to MailPoet and Future Disclosures
Tony Perez Many don’t know who I am. My name is Tony Perez, I’m the CEO of Sucuri. I have the pleasure of calling this company my…