plugin

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

Feb 27, 2024 by iHash Leave a Comment

Feb 27, 2024NewsroomVulnerability / Website Security A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. "This plugin suffers from unauthenticated site-wide stored [cross-site … [Read more...] about WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft

Dec 22, 2023 by iHash Leave a Comment

Dec 22, 2023NewsroomSkimming / Web Security Threat hunters have discovered a rogue WordPress plugin that's capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. "As with many other malicious or fake … [Read more...] about Rogue WordPress Plugin Exposes E-Commerce Sites to Credit Card Theft

Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

Jul 1, 2023 by iHash Leave a Comment

Jul 01, 2023Ravie LakshmananWebsite Security / Cyber Threat As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin. The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate Member plugin, including the latest version (2.6.6) that was released on … [Read more...] about Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

May 6, 2023 by iHash Leave a Comment

May 06, 2023Ravie Lakshmanan Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue, assigned the identifier CVE-2023-30777, relates to a case of reflected cross-site scripting (XSS) that could be abused to inject arbitrary executable scripts into otherwise benign websites. The plugin, … [Read more...] about New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites

Mar 24, 2023 by iHash Leave a Comment

Mar 24, 2023Ravie LakshmananWeb Security / WordPress Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. The flaw, if left unresolved, could enable a bad actor to gain unauthorized admin access to impacted stores, the company said in an advisory on March 23, 2023. It … [Read more...] about Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites

Create your own instrumentation with the Java Agent Plugin

Jun 8, 2022 by iHash Leave a Comment

TroubleshootingThere are some common problems you might run into when creating your plugin:Still experimental?The OpenTelemetry bridge was added in Elastic APM Java Agent version 1.30.0 — so that is the earliest version you can use this plugin mechanism with — and it was initially added as experimental technology. Depending on which version you are using, you may need to have … [Read more...] about Create your own instrumentation with the Java Agent Plugin

Researchers Find Backdoor in School Management Plugin for WordPress

May 21, 2022 by iHash Leave a Comment

Multiple versions of a WordPress plugin by the name of "School Management Pro" harbored a backdoor that could grant an adversary complete control over vulnerable websites. The issue, spotted in premium versions before 9.9.7, has been assigned the CVE identifier CVE-2022-1609 and is rated 10 out of 10 for severity. The backdoor, which is believed to have existed since version … [Read more...] about Researchers Find Backdoor in School Management Plugin for WordPress

Preventing your Cloud 'Secrets' from Public Exposure: An IDE plugin solution

Aug 25, 2021 by iHash Leave a Comment

I'm sure you would agree that, in today's digital world, the majority of applications we work on require some type of credentials – to connect to a database with a username/password, to access computer programs via authorized tokens, or API keys to invoke services for authentication. Credentials, or sometimes just referred to as 'Secrets,' are pieces of user or system-level … [Read more...] about Preventing your Cloud 'Secrets' from Public Exposure: An IDE plugin solution

New IDA Pro plugin provides TileGX support

Oct 12, 2019 by iHash Leave a Comment

Threat Research Cisco Talos has a new plugin available for IDA Pro that provides a new disassembler for TileGX binaries. This tool should assist researchers in reverse-engineering threats in IDA Pro that target TileGX. read more >> Share: Tags: Source link … [Read more...] about New IDA Pro plugin provides TileGX support

Cisco Threat Response Plugin: Defeat Threats With Just a Few Clicks

Jul 28, 2019 by iHash Leave a Comment

One of the best tools in your SOC’s arsenal is something you might already have access to and didn’t even have to pay for. If you already deploy Cisco Umbrella, AMP for Endpoints, Firepower devices, next-generation intrusion prevention system (NGIPS), Email Security, or Threat Grid, then you can immediately access Cisco Threat Response for FREE. As in no charge. Zero extra … [Read more...] about Cisco Threat Response Plugin: Defeat Threats With Just a Few Clicks

AdGuard VPN + Ad Blocker Family Security Suite for $49

Microsoft Office 2024 Home for Mac or PC: One-Time Purchase for $119

ASUS 14" Chromebook C424 (2021) Intel N4020 4GB RAM 128GB eMMC (Refurbished) for $174

Lenovo IdeaPad 5, 14" Touchscreen 2-in-1 Laptop (2024) AMD Ryzen 7, 16GB RAM 1TB SSD Windows 11 Home Cosmic Blue (Refurbished) for $649

Stacks Be Productive Plan: Lifetime Subscription for $29