WordPress Security News & Updates

Malware Campaign Evolves to Target New Plugins: May 2019

John Castro
May 28, 2019

A long-lasting malware campaign targeting deprecated, vulnerable versions of plugins continues to be leveraged by attackers to inject malicious scripts into affected websites. Easily automated…

Read the Post

Return to the City of Cron – Malware Infections on Joomla and WordPress

Luke Leal
May 27, 2019

We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had…

Read the Post

Threat intelligence gathering from slight changes in malicious code samples

Luke Leal
May 24, 2019

We found the following PHP backdoor in August 2018 along with other malware samples uploaded after hackers exploit a specific vulnerable WordPress plugin covered in…

Read the Post

.htaccess Injector on Joomla and WordPress Websites

Eugene Wozniak
May 23, 2019

During the process of investigating one of our incident response cases, we found an .htaccess code injection. It had been widely spread on the website,…

Read the Post

Slimstat: Stored XSS from Visitors

Antony Garand
May 21, 2019

The WordPress Slimstat plugin, which currently has over 100k installs, allows your website to gather analytics data for your WordPress website. It will track certain…

Read the Post

Persistent Cross-site Scripting in WP Live Chat Support Plugin

John Castro
May 15, 2019

During a routine research audits for our Sucuri Firewall, we discovered an Unauthenticated Persistent Cross-Site Scripting (XSS) affecting 60,000+ users of the WP Live Chat…

Read the Post

WordPress Plugin Give – Stored XSS for Donors

Antony Garand
May 15, 2019

Give is a WordPress plugin which allows users to setup a donation page on a website. It currently has 60k installs. During a recent audit…

Read the Post

array_diff_ukey Usage in Malware Obfuscation

Luke Leal
May 14, 2019

We discovered a PHP backdoor on a WordPress installation that contained some interesting obfuscation methods to keep it hidden from prying eyes: $zz1 = chr(95).chr(100).chr(101).chr(115).chr(116).chr(105).chr(110).chr(97).chr(116).chr(105).chr(111).chr(110);…

Read the Post

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

Antony Garand
May 13, 2019

The Ultimate member plugin version 2.0.45 and lower is affected by multiple vulnerabilities, among them is a critical vulnerability allowing malicious users to read and…

Read the Post

Persistent XSS via CSRF in WP Meta and Date Remover

John Castro
May 7, 2019

During regular research audits for our Sucuri Firewall (WAF), we discovered a Cross Site Request Forgery (CSRF) leading to a persistent Cross Site Scripting vulnerability…

Read the Post

Insufficient Privilege Validation in WooCommerce Checkout Manager

John Castro
April 29, 2019

Due to the poor handling of a vulnerability disclosure, a new attack vector has appeared for the WooCommerce Checkout Manager WordPress plugin and is affecting…

Read the Post