HackDig : Dig high-quality web security articles for hacker

“Fancybox for WordPress Has Expired” Infection

Today I began to notice quite a massive and very unusual attack that leverages vulnerabilities in older versions of the FancyBox for WordPress plugin. As you might know, versions 3.0.2 and older of this plugin allowed anyone to craft special POST requests to /wp-admin/admin-post.php or /wp-admin/admin-ajax.php and change values of specific plugin options in
Publish At:2015-04-02 02:20 | Read:2782 | Comments:0 | Tags:General Short Attack Reviews Website exploits April1 Fancybo

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud