vulnerability

a few seconds read
A serious vulnerability was discovered in the popular WordPress WP Google Maps plugin , allowing hackers to take control of the site. This is reported on the WPScan Vulnerability Database page . At the moment, this vulnerability is already closed, and therefore, users of the plug-in are strongly recommended to update it to the latest version. Otherwise, the site may be attacked by injecting SQL code. Versions 7.11.00 – 7.11.17 are vulnerable to such attacks. In the change log of the...
a minute read
In the popular plugin WP GDPR Compliance , a serious vulnerability was discovered. To secure the site, you need to upgrade to version 1.4.3 or higher. Currently, hackers are actively attacking WP-sites with this plugin. All resources with an earlier version than 1.4.3 are at risk. Due to the vulnerability, attackers are able to gain access to the site as an administrator, which allows them to make any changes. According to one of the victims, the attacks are carried out automatically. Hack...
2 minutes read
5 months ago Distilled agency employee Tom Anthony discovered a vulnerability that allows Googlebot to be manipulated to execute JavaScript and index its changes, including links. The researcher notified Google of his discovery, but the company did not close this gap. As a result, Tom Anthony decided to publish information about the vulnerability in public access to inform about the potential threat to site owners. However, he noted that Google checked his article before publication. Tweet...
a minute read
The developers of the popular AMP plugin for WordPress – AMP for WP – have released a patch for a critical vulnerability discovered last month. While the work was underway to eliminate the vulnerability, the plugin was removed from the corresponding section on WordPress.org. Last week, he was returned to the “system”. According to the developers, the reason for the temporary withdrawal of the plug-in was a vulnerability that could be exploited by people who are not site administrato...
a minute read
A vulnerability such as XSS (cross-site scripting) has been discovered in the popular WordPress All-in-One SEO Pack plugin . This is reported on the website of the WPScan Vulnerability Database. Cross-site scripting (XSS) is a type of software vulnerability that allows a hacker to embed code into a web page and gain various levels of access to a site and / or its database. Vulnerability was identified by RipsTech on October 25th. Whether it was closed is currently unknown. The develop...