Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Browsing Tag

Vulnerability

13 posts
Understanding CSRF
  • Security Education
  • Website Security

Understanding CSRF: Cross-site Request Forgery Explained

  • Kyle Knight
  • May 14, 2025
Cross-Site Request Forgery, often called CSRF (or its other nicknames, Session Riding and XSRF), is a tricky type of attack. In short, it lets attackers…
Read the Post
Fake GIF Leveraged in Multi-Stage Reverse Proxy Card Skimming Attack
  • Magento Security
  • Security Advisory
  • Website Malware Infections

Fake GIF Leveraged in Multi-Stage Reverse-Proxy Card Skimming Attack

  • Ben Martin
  • April 25, 2025
In today’s post we’re going to review a sophisticated, multi-stage carding attack on a Magento eCommerce website. This malware leveraged a fake gif image file,…
Read the Post
What is a zero-day vulnerability?
  • Security Education
  • Website Security

What is a Zero-Day Vulnerability?

  • Gerson Ruiz
  • April 25, 2024
Navigating the world of website security can feel like stepping into a minefield, especially when you have to navigate threats like zero-day vulnerabilities. Zero-days are…
Read the Post
New Broken Access Control Guide
  • Security Education
  • Website Security

New Guide: Broken Access Control

  • Rianna MacLeod
  • December 26, 2023
The complexity of modern websites exposes countless potential vulnerabilities to lurking attackers. One of the most underestimated threats? Broken Access Control (BAC). The risk lies…
Read the Post
How to Install the WordPress Vulnerability Scanner
  • Security Education
  • Web Pros
  • WordPress Security

WPScan Intro: How to Install the WordPress Vulnerability Scanner 

  • Alycia Mitchell
  • April 21, 2021
What does your WordPress site look like to hackers? Would it be tough to crack? Or does it have unlocked doors and unlatched windows just waiting for someone…
Read the Post
Labs Note
  • Security Advisory
  • Vulnerability Disclosure

Vulnerable Plugins: June 2020 Update

  • John Castro
  • June 19, 2020
This is a mid-month update to our regular Monthly Vulnerability Digest, which reveals a number of new patches for disclosed vulnerabilities. Plugin Vulnerability Patched Version…
Read the Post
Labs Note
  • Security Education
  • Sucuri Labs
  • Vulnerability Disclosure
  • Website Malware Infections

Vulnerabilities Digest: May 2020

  • John Castro
  • May 29, 2020
Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs WP Product Review Unauthenticated Stored XSS 3.7.6 40000 Form Maker by 10Web Authenticated SQL Injection —…
Read the Post
Labs Note
  • Ecommerce Security
  • Magento Security
  • Sucuri Labs
  • Vulnerability Disclosure
  • Website Malware Infections
  • Website Security

Vulnerabilities Digest: April 2020

  • John Castro
  • May 1, 2020
Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket System By…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • WordPress Security

WPTF Hybrid Composer – Unauthenticated Arbitrary Options Update

  • John Castro
  • July 11, 2019
With almost 300 installs, WPTF – Hybrid Composer is a framework that helps users easily create custom themes for WordPress. We recently noticed an increase…
Read the Post
Labs Note
  • Sucuri Labs
  • Vulnerability Disclosure
  • Website Malware Infections
  • WordPress Security

Social Warfare Vulnerability Probes

  • Denis Sinegubko
  • March 29, 2019
After a recent disclosure of the Social Warfare plugin vulnerability, we’ve seen massive attacks that inject malicious JavaScripts into the plugin options. The vulnerability has…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • WordPress Security

Super Amazon Banners Plugin Gone Rogue

  • Krasimir Konov
  • March 26, 2019
During a recent investigation we found the plugin Super Amazon Banners to be serving malware/spam via the domain seoranker[.]info. We suspect that the domain expired…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'