Website Security News
We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file. These cases are all linked to the same vulnerable software: WordPress Duplicator Plugin. Versions lower than 1.2.42 of Snap Creek Duplicator plugin are vulnerable to…
Sucuri has always been active in the WordPress community. We’ve attended WordCamps around the world, created tools and features specifically for WordPress, and have maintained a free WordPress security plugin…
Read More about New Guide on How to Use the Sucuri WordPress Security Plugin
In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several techniques including whitelists, blacklists, and…
This August, we’ve seen a new massive wave of WordPress infections that redirect visitors to unwanted sites. When redirected, users see annoying pages with random utroro[.]com addresses and fake reCAPTCHA…
Since July, we’ve been observing a massive WordPress infection that is responsible for unwanted redirects to scam and ad sites. This infection involves the tiny.cc URL shortener, a fake plugin…
Read More about Fake Plugins with Popuplink.js Redirect to Scam Sites
We’ve all seen sketchy looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types of scams, however, phishing scam…
Read More about Google and Facebook Used in Phishing Campaigns
The malware attack that began as an installation of malicious Injectbody/Injectscr WordPress plugins back in February has evolved since then. Some of the changes were documented as updates at the bottom…
On February 8th, 2018, we noticed a new wave of WordPress infections involving two malicious plugins: injectbody and injectscr. These plugins inject obfuscated scripts, creating unwanted pop-up/pop-unders. Whenever a visitor…
Read More about Unwanted Pop-ups Caused by Injectbody/Injectscr Plugins
As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the YITH WooCommerce Wishlist plugin for WordPress. This plugin allows visitors and…
Read More about SQLi Vulnerability in YITH WooCommerce Wishlist
On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Forms plugins are used together on a single…
Read More about Formidable Forms / Shortcodes Ultimate Exploits In The Wild
During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability affecting bbPress. If the proper conditions are met,…
