Defunct Malware Can Cause Problems Too
Harshad Mane Recently our incident response analyst Harshad Mane worked on a site that redirected users to a third-party malicious site whenever they logged into the WordPress…
Browsing Category
WordPress Security
666 posts
From .tk Redirects to PushKa Browser Notification Scam
Denis Sinegubko In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities…
SQL Injection in Advance Contact Form 7 DB
John Castro As part of our regular research audits for our Sucuri Firewall, we discovered an SQL injection vulnerability affecting 40,000+ users of the Advanced Contact Form…
Attacks on Closed WordPress Plugins
The WordPress plugin repository team may “close” plugins and restrict downloads when they become aware of a security issue that the developer cannot fix quickly.…
DDoS Targeting WordPress Search
Northon Torga Have you ever stopped to think about how many resources a search engine has or if your website could handle the same amount of search…
SQL Injection in Duplicate-Page WordPress Plugin
Marc-Alexandre Montpas While investigating the Duplicate Page plugin, we have discovered a dangerous SQL Injection vulnerability. Though the plugin wasn’t abused externally, the vulnerability impacted over 800,000…
Malware Campaigns Sharing Network Resources: r00ts.ninja
Luke Leal We recently noticed an interesting example of network infrastructure resources being used over a period of time by more than one large scale malware campaign…
Social Warfare Vulnerability Probes
After a recent disclosure of the Social Warfare plugin vulnerability, we’ve seen massive attacks that inject malicious JavaScripts into the plugin options. The vulnerability has…
Stored XSS Patched in WordPress 5.1.1
WordPress recently released an update, 5.1.1, which patches a stored XSS vulnerability in the platform’s comment system. Even 10 days after the release of this…
Super Amazon Banners Plugin Gone Rogue
Krasimir Konov During a recent investigation we found the plugin Super Amazon Banners to be serving malware/spam via the domain seoranker[.]info. We suspect that the domain expired…
Multi-Vector Attack in Server Logs
We recently noticed an increase on suspicious requests in our logs which reveal a planned attack against the Social Warfare plugin. Bad actors added this…