Fake UpdraftPlus Plugins
Denis Sinegubko We often find various fake WordPress plugins installed by hackers during website cleanups. Recently, we’ve noticed a new wave of infections that install fake plugins…
Browsing Category
WordPress Security
666 posts
Cryptominers & Backdoors Found in Fake Plugins
Krasimir Konov When cleaning websites, we regularly find phishing pages, malicious code injected into files, and SEO spam. However, over the past couple of months we’ve also…
Plugins added to Malware Campaign: September 2019
John Castro This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
A New Wave of Buggy WordPress Infections
We’ve been following an ongoing malware campaign for the past couple of years now. This campaign is renowned for its prompt addition of exploits for…
Raising Awareness: WPBeginner Spotlight
Chase Watts We’re dedicated to creating the best website security guides and professional services. One way we get our message out is by partnering with open-source CMS…
Plugins Under Attack: August 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Fake Human Verification Spam
Luke Leal We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of July 2019. One of these…
Dissecting the WordPress 5.2.3 Update
Marc-Alexandre Montpas Last week, WordPress released version 5.2.3 which was a security and maintenance update, and as such, contained many security fixes. Part of our day to…
How to Audit & Cleanup WordPress Plugins & Themes
Pilar Garcia In an interview with Smashing Magazine our CoFounder (now Head of Security Products at GoDaddy) Tony Perez was asked the following question. What Makes WordPress…
How Domain Expiration Can Potentially Disrupt Other Websites
A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the…
Lack of controls when using WordPress’ update_option() with user input data equals plugin nightmare
As mentioned in recent posts, WordPress’ update_option() function is used to update any option in the options database table. If the permission flow when using…