Vulnerabilities and Bulletins Handled - 2023 Period
Exploiting WordPress Plugin Vulnerabilities to Steal AWS Metadata
PSA: YITH WooCommerce Gift Cards Premium Plugin Exploited in the Wild
Eleven Vulnerabilities Patched in Royal Elementor Addons
Holiday Attack Spikes Target Ancient Vulnerabilities and Hidden Webshells
PSA: Your Site Isn’t Hacked By This Bitcoin Scam, Keep the Money
Multiple Vulnerabilities Patched in Quick Restaurant Menu Plugin
High-Severity XSS Vulnerability in Metform Elementor Contact Form Builder
All In One SEO Pack Vulnerabilities Impacting 3 Million Sites Patched
The WordPress Ecosystem is Becoming More Secure with Responsible Disclosure Becoming More Common
Weekly WordPress Vulnerability Report for Feb 20-26, 2023
PSA: Intentionally Leaving Backdoors in Your Code Can Lead to Fines and Jail Time
WordPress Vulnerability Report for Feb 27th- Mar 5th, 2023
Vulnerability Patched in Cozmolabs Profile Builder Plugin – Information Disclosure Leads to Account Takeover
WordPress Vulnerability Report for Mar 6th- Mar 12th, 2023
Multiple Reflected Cross-Site Scripting Vulnerabilities in Three WordPress Plugins Patched
WordPress Vulnerability Report for Mar 13th – Mar 19th, 2023
PSA: Update Now! Critical Authentication Bypass in WooCommerce Payments Allows Site Takeover
WordPress Vulnerability Report for Mar 20th – Mar 26th, 2023
WordPress Vulnerability Report for Mar 27th – Apr 2nd, 2023
Update Now! Severe Vulnerability Impacting 600,000 Sites Patched in Limit Login Attempts
Privilege Escalation Vulnerability Patched Promptly in WP Data Access WordPress Plugin
Hiding in Plain Sight: Cross-Site Scripting Vulnerabilities Patched in Weaver Products
Blubrry Addresses Authenticated Stored XSS Vulnerability in PowerPress WordPress Plugin
Multiple Vulnerabilities Patched in Shield Security
WordPress Core 6.2.1 Security & Maintenance Release – What You Need to Know
PSA: Attackers Actively Exploiting Critical Vulnerability in Essential Addons for Elementor
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Credential-Stealing Server Side Request Forgery Patched in Getwid
Critical Security Update: Directorist WordPress Plugin Patches Two High-risk Vulnerabilities
Tyche Softwares Addresses Authentication Bypass Vulnerability in Abandoned Cart Lite for WooCommerce WordPress Plugin
StylemixThemes Addresses Authentication Bypass Vulnerability in BookIt WordPress Plugin
Arbitrary User Password Change Vulnerability in LearnDash LMS WordPress Plugin
miniOrange Addresses Authentication Bypass Vulnerability in WordPress Social Login and Register WordPress Plugin
PSA: Unpatched Critical Privilege Escalation Vulnerability in Ultimate Member Plugin Being Actively Exploited
Interesting Arbitrary File Upload Vulnerability Patched in User Registration WordPress Plugin
Massive Targeted Exploit Campaign Against WooCommerce Payments Underway
WebToffee Addresses Authentication Bypass Vulnerability in Stripe Payment Plugin for WooCommerce WordPress Plugin
weDevs Addresses Privilege Escalation Vulnerability in WP Project Manager WordPress Plugin
Threat Actors Using Obfuscation in Attempt to Evade Detection
Critical Privilege Escalation Vulnerability in Charitable WordPress Plugin Affects Over 10,000 sites
Vulnerabilities and Bulletins Handled October-November-December 2022
National Cyber Security Awareness Month: You Could Be the Biggest Threat to Your WordPress Site
Patch Now: The WordPress 6.0.3 Security Update Contains Important Fixes
What Does The Fox Hack? Breaking Down the Anonymous Fox F-Automatical Script
Missing Authorization Vulnerability in Blog2Social Plugin
Russian Hacktivist Group Targets Political Websites with DDOS Attacks
Not Just for the Government: Using the NIST Framework to Secure WordPress
Configuration Probing: Your Backups Might Be Your Greatest Weakness
Spikes in Attacks Serve as a Reminder to Update Plugins
Vulnerabilities and Bulletins Handled July-August-September 2022
PSA: Sudden Increase In Attacks On Modern WPBakery Page Builder Addons Vulnerability
Analyzing Attack Data and Trends Targeting Log4j
High Severity Vulnerability Patched in Download Manager Plugin
Cross-Site Request Forgery Vulnerability Patched in Ecwid Ecommerce Shopping Cart Plugin
PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin
PSA: Zero-Day Vulnerability in WPGateway Actively Exploited in the Wild
Cross-Site Scripting: The Real WordPress Supervillain
Vulnerabilities and Bulletins Handled May-June 2022
Millions of Attacks Target Tatsu Builder Plugin
Critical Privilege Escalation Vulnerability in Jupiter and JupiterX Premium Themes
Cross-Site Scripting Vulnerability Discovered In Download Manager Plugin
PSA: Critical Vulnerability Patched in Ninja Forms WordPress Plugin
Vulnerabilities and Bulletins Handled March-April 2022
Reflected Cross-Site Scripting Vulnerability in Header Footer Code Manager Plugin
Entering a Higher State of Vigilance – Ukraine Under Attack
Stored Cross-Site Scripting Vulnerability Patched in a WordPress Photo Gallery Plugin
Ukraine Universities Hacked By Brazilian Via Finland As Russian Invasion Started – And Free Threat Intel for UA sites
We’re Now Blocking 10,000 Requests Per Hour in Ukraine From Known Malicious Ips
WordPress 5.9.2 Security Update Fixes XSS and Prototype Pollution Vulnerabilities
Increase In Malware Sightings on GoDaddy Managed Hosting
Reflected Cross-Site Scripting Vulnerability in Spam protection, AntiSpam, FireWall by CleanTalk
Critical Authentication Bypass Vulnerability Patched in SiteGround Security Plugin
Critical Remote Code Execution Vulnerability in Elementor
PHP Object Injection Vulnerability in Booking Calendar Plugin
Vulnerabilities and Bulletins Handled January-February 2022
WordPress 5.8.3 Security Release
84,000 WordPress Sites Affected by Three Plugins With The Same Vulnerability
Unauthenticated XSS Vulnerability Patched in HTML Email Template Designer Plugin
Critical Vulnerabilities in PHP Everywhere Allow Remote Code Execution
Unauthenticated SQL Injection Vulnerability Patched in WordPress Statistics Plugin
Reflected Cross-Site Scripting Vulnerability Patched in WordPress Profile Builder Plugin
Vulnerability in UpdraftPlus Allowed Subscribers to Download Sensitive Backups