As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the Ninja Forms plugin for WordPress, …
WP Mobile Detector Vulnerability Being Exploited in the Wild
***Update: The WP Mobile Detector plugin has been patched to address the vulnerability. Please update as soon as possible. Note that the latest version doesn’t …
Drupal SQLi (Drupalgeddon) Attack Trend CVE-2014-3704 / SA-CORE-2014-005
It has been over 19 months since Drupalgeddon, which refers to Drupal’s Security Advisory (SA) SA-CORE-2014-005. For those unfamiliar with it, it was a highly …
Security Advisory: Stored XSS in Jetpack
During regular research audits for our Sucuri Firewall (Cloud-based WAF), we discovered a stored XSS vulnerability affecting the WordPress Jetpack plugin, …
Security Advisory: Stored XSS in Magento
Security Risk: Dangerous; Exploitation Level: Easy/Remote; DREAD Score: 7/10; Vulnerability: Stored XSS; Patched Version: Magento CE: 1.9,2.3, Magento EE: 1.14.2.3 …
Vulnerability Details: Joomla! Remote Code Execution
The Joomla! team released a new version of Joomla! CMS yesterday to patch a serious and easy to exploit remote code execution vulnerability that affected pretty …
Security Advisory: Stored XSS in Akismet WordPress Plugin
Security Risk: Dangerous; Exploitation Level: Easy/Remote; DREAD Score: 9/10; Vulnerability: Stored XSS; Patched Version: 3.1.5. During a routine audit for our WAF, …
Security advisory: Stored XSS in Jetpack
Security Risk: Dangerous; Exploitation Level: Easy/Remote; DREAD Score: 8/10; Vulnerability: Stored XSS; Patched Version: 3.7.1. During a routine audit for our WAF, …
Persistent XSS Vulnerability in WordPress Explained
Security Risk: Dangerous; Exploitation level: Easy; DREAD Score: 6/10; Vulnerability: Persistent XSS; Patched Version: 4.2.4. Last week the WordPress team released …
BIND9 – Denial of Service Exploit in the Wild
BIND is one of the most popular DNS servers in the world. It comes bundled with almost every cPanel, VPS and dedicated server installation and is used by most …