Dark Reading

Hackers 'Timthumb' Their Noses At Vulnerability To Compromise 1.2 Million Sites

A vulnerability in an obscure WordPress add-on script that was discovered in August is currently being used to compromise more than 1.2 million websites -- and could be easily used to siphon data out ...
Searchenginejournal.com

15 Vulnerabilities In 11 Elementor Addons Hit +3M WordPress Sites

Researchers have issued advisories for eleven separate Elementor add-on plugins with 15 vulnerabilities that can make it possible for hackers to upload malicious files. One of them is rated as a high ...
CSOonline

Researcher says Adult Friend Finder vulnerable to file inclusion vulnerabilities

A researcher known for exposing application flaws posted screenshots showing Local File Inclusion vulnerabilities on Adult Friend Finder. The incident marks the second time in just over a year that ...
Infosecurity-magazine.com

High-Severity Vulnerability Discovered in Popular CMS

A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites worldwide to manage and customize their content and ...
Bleeping Computer

600K WordPress sites impacted by critical plugin RCE vulnerability

Essential Addons for Elementor, a popular WordPress plugin used in over a million sites, has been found to have a critical remote code execution (RCE) vulnerability in version 5.0.4 and older. The ...
Hosted on MSN

This top WordPress plugin could be hiding a worrying security flaw, so be on your guard

WP Ghost, a popular security plugin, carried a 9.6-severity flaw It allows threat actors to execute malicious code, remotely The developers released a patch, and users should update now WP Ghost, a ...

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend ...