Searchenginejournal.com

Nine WordPress Plugins Expose Over 1.3 Million Sites To Exploits

The United States Government Vulnerability Database and WordPress security researchers published alerts of WordPress plugin vulnerabilities. Among those plugins, nine of the most popular plugins ...
Searchenginejournal.com

WordPress Elementor Widgets Add-On Vulnerability

The patch fixed an issue that could lead to a Stored Cross-Site Scripting exploit that allows an attacker to upload malicious files to a website server where it can be activated when a user visits the ...
Infosecurity-magazine.com

Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers

ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability in the Roundcube Webmail server. The new ...
Bleeping Computer

Hackers target Wordpress plugin flaw after PoC exploit released

Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin roughly 24 hours after a proof-of-concept (PoC) exploit was made public. The vulnerability ...