Vulnerability in Essential Addons for Elementor Leads to Mass Infection
Ben Martin On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…
Browsing Tag
Balada Injector
38 posts
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
Denis Sinegubko Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
Hacked Website Threat Report – 2022
Rianna MacLeod Education is crucial in defending your website against emerging threats. That’s why we are thrilled to share our 2022 Website Threat Research Report. Disseminating this…
Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often…
Top Ten Most Cumbersome Website Infections to Remove in 2021
In today’s post we’re going to be going over the top ten most cumbersome website infections to remove, based on the sheer number of files…
Massive WordPress JavaScript Injection Campaign Redirects to Ads
Krasimir Konov Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam…
Website Malware Guide: How to Fix the WordPress Redirect Hack
If you’ve recently discovered that your WordPress site is redirecting other sites or unwanted ads, then your website may have been hacked. Learn about how…
Vulnerabilities Digest: July 2020
John Castro Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Asset CleanUp: Page Speed Authenticated XSS 1.4.6.7 80000 Quiz And Survey Master Authenticated Stored XSS 7.0.0…
Vulnerabilities Digest: June 2020
Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of…
Vulnerabilities Digest: May 2020
Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs WP Product Review Unauthenticated Stored XSS 3.7.6 40000 Form Maker by 10Web Authenticated SQL Injection —…
Vulnerabilities Digest: April 2020
Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket System By…