The Latest in IT Security

Flawed WordPress plugin allows hackers to steal your database

04
Jul
2017
Flawed WordPress plugin allows hackers to steal your database

flawed-wordpress-plugin-allows-hackers-to-steal-your-database

A critical flaw in the WP Statistics plugin used by more than 300,000 WordPress sites can be exploited by thieves out for your database, researchers showed. Site administrators using an outdated plugin are at risk.

While working on WordPress plugin WP Statistics as part of a vulnerability assessment for their firewall offering, Sucuri researchers discovered an SQL Injection flaw.

“This vulnerability is caused by the lack of sanitization in user provided data,” the researchers warned. “An attacker with at least a subscriber account could leak sensitive data and under the right circumstances/configurations compromise your WordPress installation.”

Read More

Leave a reply


Categories

THURSDAY, AUGUST 17, 2017

Featured

Archives

Latest Comments

Social Networks