The Latest in IT Security

Flawed WordPress plugin allows hackers to steal your database

04
Jul
2017

flawed-wordpress-plugin-allows-hackers-to-steal-your-database

A critical flaw in the WP Statistics plugin used by more than 300,000 WordPress sites can be exploited by thieves out for your database, researchers showed. Site administrators using an outdated plugin are at risk.

While working on WordPress plugin WP Statistics as part of a vulnerability assessment for their firewall offering, Sucuri researchers discovered an SQL Injection flaw.

“This vulnerability is caused by the lack of sanitization in user provided data,” the researchers warned. “An attacker with at least a subscriber account could leak sensitive data and under the right circumstances/configurations compromise your WordPress installation.”

Read More

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments