HackDig : Dig high-quality web security articles

Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild

A critical vulnerability in the Ninja Forms plugin potentially impacted more than one million WordPress websites. In mid-June, the Wordfence Threat Intelligence team noticed a back-ported security update in the popular WordPress plugin Ninja Forms, which has over one million active installations. Analysis of the updates revealed that they patched a code
Publish At: 2022-06-19 19:16 | Tags: Breaking News Hacking hacking news information security news

Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations

More than one million WordPress websites were potentially impacted by a critical Ninja Forms plugin vulnerability that appears to have been exploited in the wild. With over one million installations, the popular Ninja Forms plugin helps administrators add customizable forms to their WordPress sites. The exploited security issue, which was identified in the Mer
Publish At: 2022-06-17 09:13 | Tags: NEWS & INDUSTRY Vulnerabilities Cybercrime Vulnerability

730K WordPress sites force-updated to patch critical plugin bug

WordPress sites using Ninja Forms, a forms builder plugin with more than 1 million installations, have been force-updated en masse this week to a new build that addresses a critical security vulnerability likely exploited in the wild. The vulnerability is a code injection vulnerability affecting multiple Ninja Forms releases, from version 3.0 onward.
Publish At: 2022-06-16 15:15 | Tags: Security wordpress

Backdoor baked into premium school management plugin for WordPress

Security researchers have discovered a backdoor in a premium WordPress plugin designed as a complete management solution for schools. The malicious code enables a threat actor to execute PHP code without authenticating. The name of the plugin is “School Management,” published by Weblizar, and multiple versions before 9.9.7 were delivered with
Publish At: 2022-05-20 14:53 | Tags: Security wordpress

Critical Jupiter WordPress plugin flaws let hackers take over sites

WordPress security analysts have discovered a set of vulnerabilities impacting the Jupiter Theme and JupiterX Core plugins for WordPress, one of which is a critical privilege escalation flaw. Jupiter is a powerful, high-quality theme builder for WordPress sites used by over 90,000 popular blogs, online magazines, and platforms that enjoy heavy user traffic. The
Publish At: 2022-05-18 18:51 | Tags: Security wordpress hack

Millions of Cyberattacks Are Targeting Tatsu WordPress Plugin

Tatsu Builder is a popular plugin that integrates very effective template modification tools directly into the user's web browser. What happened? Hackers are making extensive use of a remote code execution vulnerability, tracked as CVE-2021-25094, in the Tatsu Builder plugin for WordPress. This plugin is used on about 100,000 different websit
Publish At: 2022-05-18 10:50 | Tags: Cybersecurity News wordpress cyber

Sysrv botnet is out to mine Monero on your Windows and Linux servers

In a Twitter thread, the Microsoft Security Intelligence team has revealed new information about the latest versions of the Sysrv botnet. The variant they focused on uses a range of known exploits for vulnerabilities in web apps and databases to install cryptocurrency miners on both Windows and Linux systems. Background: the Sysrv botnet first recei
Publish At: 2022-05-18 09:01 | Tags: Botnets Exploits and vulnerabilities botnet crypto miner cve

Large-Scale Attack Targeting Tatsu Builder WordPress Plugin

Tens of thousands of WordPress websites are potentially at risk of compromise as part of an ongoing large-scale attack targeting a remote code execution vulnerability in the Tatsu Builder plugin. Tracked as CVE-2021-25094 (CVSS score of 8.1), the vulnerability exists because one of the supported actions does not require authentication when uploading a zip fil
Publish At: 2022-05-18 05:14 | Tags: NEWS & INDUSTRY Vulnerabilities wordpress

Hackers target Tatsu WordPress plugin in millions of attacks

Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. Up to 50,000 websites are estimated to still run a vulnerable version of the plugin, although a patch has been available since early April. Large attack waves started on May 10, 20
Publish At: 2022-05-17 10:55 | Tags: Security wordpress hack

Fake reCAPTCHA forms dupe users via compromised WordPress sites

Researchers at Sucuri investigated a number of WordPress websites complaining about unwanted redirects and found websites that use fake CAPTCHA forms to get the visitor to accept web push notifications. These websites are a new wave of a campaign that leverages many compromised WordPress sites. CAPTCHA: CAPTCHA (“Completely Automated Public Turing te
Publish At: 2022-05-16 09:01 | Tags: Web threats CAPTCHA JavaScript local.drakefollow.com push no

WordPress Websites Files and Databases Injected with Malicious JavaScript

WordPress is a free, open-source content management system (CMS). It is written in PHP and can be paired with either a MySQL or MariaDB database. Its features include a plugin architecture and a template system; templates are referred to as Themes inside WordPress. WordPress was first developed as a platform for publishing blog
Publish At: 2022-05-13 06:52 | Tags: Cybersecurity News wordpress

Massive hacking campaign compromised thousands of WordPress websites

Researchers uncovered a massive hacking campaign that compromised thousands of WordPress websites to redirect visitors to scam sites. Cybersecurity researchers from Sucuri uncovered a massive campaign that compromised thousands of WordPress websites by injecting malicious JavaScript code that redirects visitors to scam content. The infections automatic
Publish At: 2022-05-12 10:31 | Tags: Breaking News Cyber Crime Hacking Security hacking news IT I
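The two items above describe the same mechanism: JavaScript injected into WordPress database rows and theme files that redirects visitors. As an added example (not code from Sucuri or from any of the articles listed here), the Python script below shows the kind of check a responder runs over a site's wp_posts content and theme files: it flags script tags loading from hosts outside an allowlist and inline scripts that use obfuscation primitives typical of injected loaders. The post rows, file contents, allowlist and .invalid hostnames are constructed for the demonstration and are not real indicators of compromise.

```python
"""Scan WordPress post content and theme/plugin files for injected JavaScript.

Added example, not code from the original articles or from Sucuri. The post
rows, file contents and domains below are constructed for the demonstration;
the .invalid hostnames are placeholders, not real indicators of compromise.
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple
from urllib.parse import urlparse

# Hosts this site is expected to load scripts from (assumed for the demo; in
# practice build this from a known-good copy of the site).
ALLOWED_SCRIPT_HOSTS = {"www.example.org", "fonts.googleapis.com"}

SCRIPT_TAG = re.compile(r"<script\b[^>]*>(.*?)</script\s*>", re.I | re.S)
SCRIPT_SRC = re.compile(r"""<script\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)""", re.I)

# Primitives that legitimate theme code rarely needs but injected loaders use.
OBFUSCATION = [
    ("eval()", re.compile(r"\beval\s*\(")),
    ("String.fromCharCode", re.compile(r"String\.fromCharCode")),
    ("unescape()/atob()", re.compile(r"\b(?:unescape|atob)\s*\(")),
    ("long hex-escaped string", re.compile(r"(?:\\x[0-9a-fA-F]{2}){8,}")),
    ("location redirect", re.compile(r"(?:window\.|document\.)?location(?:\.href)?\s*=[^=]")),
]


@dataclass
class Finding:
    origin: str    # "post:<ID>" or "file:<path>"
    reason: str
    snippet: str


def script_host(src: str) -> Optional[str]:
    """Return the host a script src loads from, or None for a relative path."""
    if src.startswith("//"):
        src = "https:" + src
    if not src.startswith(("http://", "https://")):
        return None  # served by this site, e.g. /wp-includes/js/jquery.js
    return (urlparse(src).hostname or "").lower()


def scan_html(origin: str, html: str) -> List[Finding]:
    """Flag foreign script sources and obfuscated inline scripts in one blob."""
    findings: List[Finding] = []
    for m in SCRIPT_SRC.finditer(html):
        src = m.group(1)
        host = script_host(src)
        if host and host not in ALLOWED_SCRIPT_HOSTS:
            findings.append(Finding(origin, f"script loaded from {host}", src))
    for m in SCRIPT_TAG.finditer(html):
        body = m.group(1)
        for label, rx in OBFUSCATION:
            if rx.search(body):
                findings.append(Finding(origin, label, body.strip()[:60]))
                break  # one reason per inline script is enough for triage
    return findings


def scan_site(posts: Iterable[Tuple[int, str]], files: Dict[str, str]) -> List[Finding]:
    """posts: (ID, post_content) rows from wp_posts; files: path -> contents."""
    findings: List[Finding] = []
    for post_id, content in posts:
        findings.extend(scan_html(f"post:{post_id}", content))
    for path, content in files.items():
        findings.extend(scan_html(f"file:{path}", content))
    return findings


# Constructed sample data: one clean post, one loading a foreign script, one
# with an obfuscated inline redirect, and a theme footer with an eval() loader.
SAMPLE_POSTS = [
    (12, "<p>Welcome.</p><script src='/wp-includes/js/jquery/jquery.min.js'></script>"),
    (13, "<p>Hello.</p><script src='//cdn.bad-redirect.invalid/track.js'></script>"),
    (14, "<p>Hi.</p><script>var u=String.fromCharCode(104,116,116,112,115);"
         "window.location.href=u+'://scam.invalid';</script>"),
]
SAMPLE_FILES = {
    "wp-content/themes/twentytwenty/footer.php":
        "<?php wp_footer(); ?>\n<script>eval(unescape('%77%69%6e%64%6f%77'));</script>",
    "wp-content/themes/twentytwenty/header.php":
        "<!DOCTYPE html><html><head><?php wp_head(); ?></head>",
}

if __name__ == "__main__":
    for f in scan_site(SAMPLE_POSTS, SAMPLE_FILES):
        print(f"{f.origin}: {f.reason}: {f.snippet}")
```

In practice the rows come from a query such as `SELECT ID, post_content FROM wp_posts` (injected campaigns also target wp_options values like widget text and siteurl), the files from walking wp-content, and the allowlist from a known-good copy of the site. A hit is a lead for manual review, not proof of compromise: a stripped-down heuristic like this is meant to narrow thousands of rows down to the few worth reading.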

Ukraine government and pro-Ukrainian sites hit by DDoS attacks

The Computer Emergency Response Team of Ukraine (CERT-UA) has announced that Ukraine government web portals and pro-Ukraine sites are subjected to ongoing DDoS (distributed denial of service) attacks. They don't currently know who is behind these attacks. The attack involves injecting a malicious JavaScript (JS), officially named “BrownFlood
Publish At: 2022-04-29 04:56 | Tags: Security world BrownFlood CERT-UA compromised WordPress site

Ukraine targeted by DDoS attacks from compromised WordPress sites

Ukraine's computer emergency response team (CERT-UA) has published an announcement warning of ongoing DDoS (distributed denial of service) attacks targeting pro-Ukraine sites and the government web portal. The threat actors, who at this time remain unknown, are compromising WordPress sites and injecting malicious JavaScript code to perform the attacks. Th
Publish At: 2022-04-28 14:40 | Tags: Security DDOS wordpress

WordPress Elementor 3.6.2 Shell Upload

# Exploit Title: WordPress Plugin Elementor 3.6.2 - Remote Code Execution (RCE) (Authenticated)
# Date: 04/16/2022
# Exploit Author: AkuCyberSec (https://github.com/AkuCyberSec)
# Vendor Homepage: https://elementor.com/
# Software Link: https://wordpress.org/plugins/elementor/advanced/ (scroll down to select the version)
# Version: 3.6.0, 3.6.1, 3.6.2
# Tested on:
Publish At: 2022-04-19 17:17 | Tags: wordpress
