Blog

  • Unauthenticated Privilege Escalation in Profile-Builder plugin

    During a routine audit of various WordPress plugins, we identified some issues in Profile Builder and Profile Builder Pro (50k+ active installs). We discovered an unauthenticated privilege escalation vulnerability which could allow attackers to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions. This vulnerability was fixed on…

  • Object Injection vulnerability fixed in SEOPress 7.9

    During a routine audit of various WordPress plugins, we identified a few issues in SEOPress (300k+ active installs). More specifically, we discovered an authentication bug which could allow attackers to access certain protected REST API routes without having any kind of account on the targeted site. Digging deeper into what an attacker could do with this…

  • 10 of the Best Website Security Tools to Stay Ahead of Hackers

    Which website security tools are really necessary for your site? What to consider before investing in new software. 10 must-have tools you can’t skip.