Massive Abuse of Abandoned Eval PHP WordPress Plugin
Ben Martin Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…
Browsing Category
WordPress Security
652 posts
Limit Login Attempts Vulnerability – Patch Now!
On April 11th, 2023, a software update was released to patch a severe vulnerability within the Limit Login Attempts WordPress security plugin. With over 600,000…
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
Denis Sinegubko Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
Hacked Website Threat Report – 2022
Rianna MacLeod Education is crucial in defending your website against emerging threats. That’s why we are thrilled to share our 2022 Website Threat Research Report. Disseminating this…
High Severity Vulnerability in WordPress Elementor Pro Patched
On March 22nd, 2023 a security patch was issued for the popular website builder plugin Elementor Pro. Website administrators using this plugin should immediately patch…
WordPress Vulnerability & Patch Roundup March 2023
Cesar Anjos Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…
Critical Vulnerability Discovered in WooCommerce Payments
On March 22nd, 2023 a critical vulnerability was discovered within the WooCommerce Payments plugin – an extremely popular eCommerce payment plugin for WordPress with over…
WooCommerce Credit Card Skimmer Reveals Tampered Plugin
Disclaimer: The malware infection described in this article does not affect the software plugin as a whole and does not indicate any vulnerabilities or security…
How to Find & Fix the WordPress Pharma Hack
Finding bogus content and unexpected links for prescription drugs on your WordPress website can be a frustrating experience. But don’t blame your site: it just…
Magbo Spam Injection Encoded with hex2bin
We recently had a new client come to us with a rather peculiar issue on their WordPress website: They were receiving unwanted popup advertisements but…
WordPress Vulnerability & Patch Roundup February 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes…