-
Unauthenticated SQL Injection Vulnerability Addressed in WP Fastest Cache 1.2.2
During an internal review of the WP Fastest Cache plugin, the WPScan team discovered a serious SQL injection vulnerability. This vulnerability may allow unauthenticated attackers to read the full contents of the WordPress database using a time‑based blind SQL injection payload. Upon discovering the vulnerability, we promptly alerted the plugin development team, who released version 1.2.2…
-
26-Step WordPress Security Guide for Enterprise-Level Protection
Do you agree with the list? Follow every step to guard your site & protect your company from major liabilities. Proven enterprise-grade cybersecurity tools.
-
Unauthenticated File Upload Vulnerability Addressed in Royal Elementor Addons and Templates 1.3.79
During an investigation of a series of website being actively compromised we noticed the constant presence of the Royal Elementor Addons and Templates plugin installed. And all sites had at least one malicious file dropped into the /wpr‑addons/forms/ directory. As we reviewed the plugin it was found that the upload ajax action wasn’t properly validating the…
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
WPScan 