WordPress Vulnerability

WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites

Leave a Comment / Vulnerabilities /

Threat actors are actively using a serious security vulnerability in the WordPress Bricks theme to force arbitrary PHP code to run on vulnerable installations. The vulnerability, identified as CVE-2024-25600 (CVSS score: 9.8), allows remote code execution to be accomplished by unauthorised attackers. It affects every Bricks version up to and including 1.9.6. Only a few […]

WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites Read More »

Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability

Leave a Comment / Vulnerabilities /

WPGateway, a premium WordPress plugin, has a zero-day vulnerability that is already being aggressively abused in the wild, giving bad actors the capability to entirely take over vulnerable websites. According to WordPress security firm Wordfence, the vulnerability, identified as CVE-2022-3180 (CVSS score: 9.8), is being exploited to install a malicious administrator user to websites using

Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability Read More »

Researchers Discover 3 WordPress Plugins Leaving 84,000 Websites Vulnerable To Attack

Leave a Comment / Vulnerabilities /

Three WordPress plugins have been discovered to be affected with a security shortcoming which gives a malicious actor the opportunity to take over vulnerable websites. An attacker could update arbitrary site options on a vulnerable site, provided they could trick a site administrator into clicking a link or doing a thing. Tracked as CVE-2022-0215, the

Researchers Discover 3 WordPress Plugins Leaving 84,000 Websites Vulnerable To Attack Read More »