WordPress | DataProtectionCenter.com

Hackers Using Fake DDoS Protection Pages to Distribute Malware

24

Aug

2022

WordPress sites are being hacked to display fraudulent Cloudflare DDoS protection pages that lead to the delivery of malware such as NetSupport RAT and Raccoon Stealer. “A recent surge in JavaScript injections targeting WordPress sites has resulted in fake DDoS prevent prompts which lead victims to download remote access trojan malware,” Sucuri’s Ben Martin said […]

Category Cyber-crime Malware Written by Thehackernews 0 Comments

Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately!

19

Jul

2022

WordPress admins are being warned to remove a buggy plugin or risk a total site takeover. This particular threat relates to a plugin which is no longer in use: Modern WPBakery page builder addons. The vulnerability in the plugin, known as CVE-2021-24284, allows “unauthenticated arbitrary file upload via the ‘uploadFontIcon’ AJAX action”. This means that […]

Category Threats & Malware Vulnerabilities Written by Blog 0 Comments

Large-Scale Attack Targeting Tatsu Builder WordPress Plugin

18

May

2022

Tracked as CVE-2021-25094 (CVSS score of 8.1), the vulnerability exists because one of the supported actions does not require authentication when uploading a zip file that is extracted under the WordPress upload directory. While the plugin includes an extension control, this can be bypassed by adding a PHP shell with a filename that begins with […]

Category Threats & Malware Vulnerabilities Written by Securityweek 0 Comments

The Latest in IT Security

Posts Tagged ‘WordPress’

Hackers Using Fake DDoS Protection Pages to Distribute Malware

Warning for WordPress admins: uninstall the Modern WPBakery plugin immediately!

Large-Scale Attack Targeting Tatsu Builder WordPress Plugin

Categories

Featured

Archives

Latest Comments

About Us

Contact Us