The Latest in IT Security

Posts Tagged ‘WordPress’

WordPress admins are being warned to remove a buggy plugin or risk a total site takeover. This particular threat relates to a plugin which is no longer in use: Modern WPBakery page builder addons. The vulnerability in the plugin, known as CVE-2021-24284, allows “unauthenticated arbitrary file upload via the ‘uploadFontIcon’ AJAX action”. This means that […]

Read more ...

Tracked as CVE-2021-25094 (CVSS score of 8.1), the vulnerability exists because one of the supported actions does not require authentication when uploading a zip file that is extracted under the WordPress upload directory. While the plugin includes an extension control, this can be bypassed by adding a PHP shell with a filename that begins with […]

Read more ...

If you run a WordPress website, you need to get serious about keeping it as secure as possible. WordPress continues to be a widespread target for hackers. Last November, more than a million GoDaddy-managed WordPress customers were part of a breach that could have exposed their email addresses, private SSL keys, and admin passwords. The […]

Read more ...


Categories

FRIDAY, AUGUST 12, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments