You searched for tagdiv

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins

Denis Sinegubko
October 6, 2023

In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin…

Read the Post

Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

Denis Sinegubko
August 22, 2018

This August, we’ve seen a new massive wave of WordPress infections that redirect visitors to unwanted sites. When redirected, users see annoying pages with random…

Read the Post

Mal.Metrica Redirects Users to Scam Sites

Ben Martin
May 2, 2024

One of our analysts recently identified a new Mal.Metrica redirect scam on compromised websites, but one that requires a little bit of effort on the…

Read the Post

Thousands of Sites with Popup Builder Compromised by Balada Injector

Denis Sinegubko
January 10, 2024

On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was…

Read the Post

Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign

Denis Sinegubko
April 6, 2023

Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…

Read the Post

WordPress Security

Massive 1800ForBail WordPress Hacks

Denis Sinegubko
June 28, 2019

Sucuri malware analyst Kaushal Bhavsar recently brought our attention to a massive campaign responsible for adding either “1800ForBail” or “1800ForBail – One+Number” keywords to the…

Read the Post

Malware Campaign Evolves to Target New Plugins: May 2019

John Castro
May 28, 2019

A long-lasting malware campaign targeting deprecated, vulnerable versions of plugins continues to be leveraged by attackers to inject malicious scripts into affected websites. Easily automated…

Read the Post

Multi-Vector Attack in Server Logs

John Castro
March 25, 2019

We recently noticed an increase on suspicious requests in our logs which reveal a planned attack against the Social Warfare plugin. Bad actors added this…

Read the Post

WordPress Security

Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability

Pedro Peixoto
November 9, 2018

We have noticed a growing number of WordPress-based sites that have had their URL settings changed to hxxp://erealitatea[.]net. Further investigations show that the issue is…

Read the Post

Multiple Ways to Inject Tech Support Scams

WordPress Security

Multiple Ways to Inject the Same Tech Support Scam Malware

Denis Sinegubko
October 23, 2018

Last month, we shared information about yet another series of ongoing massive infections using multiple different vectors to inject malicious scripts into WordPress websites. Shortly…

Read the Post

Multi-Vector WordPress Infection from Examhome

Denis Sinegubko
September 18, 2018

This September, we’ve been seeing a massive infection wave that injects malicious JavaScript code into .js, .php files and the WordPress database.> The script looks…

Read the Post