Bleeping Computer

jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew

Of the thousands of plugins for the jQuery framework, one of the most popular of them harbored for at least three years an oversight in code that eluded the security community, despite public ...
Bleeping Computer

Critical WordPress plugin zero-day under active exploitation

Threat actors are scanning for sites running the Fancy Product Designer plugin to exploit a zero-day bug allowing them to upload malware. Fancy Product Designer is a visual product configurator plugin ...
Infosecurity-magazine.com

WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack

A critical vulnerability in the Jupiter X Core WordPress plugin, used on over 90,000 websites, has been identified by security researchers. The flaw, discovered on January 6, allows attackers with ...
Infosecurity-magazine.com

Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

More than 10,000 WordPress sites have been left vulnerable to full site takeover due to three critical security flaws discovered in the HT Contact Form Widget for Elementor Page Builder & Gutenberg ...