Blog

  • Unauthenticated File Upload Vulnerability Addressed in Royal Elementor Addons and Templates 1.3.79

    During an investigation of a series of websites being actively compromised, we noticed the constant presence of the Royal Elementor Addons and Templates plugin. All sites had at least one malicious file dropped into the /wpr-addons/forms/ directory. As we reviewed the plugin, it was found that the upload ajax action wasn’t properly validating the…

  • Finding A RCE Gadget Chain In WordPress Core

    During a recent team gathering in Belgium, we had an impromptu Capture The Flag game that included a challenge with an SQL Injection vulnerability occurring inside an INSERT statement, meaning attackers could inject arbitrary values into the targeted table’s columns and query information from the database, the intended “flag” being the credentials of a user…

  • Email Leak Oracle Vulnerability Addressed in WordPress 6.3.2

    During a thorough analysis of WordPress’ internals, we discovered a subtle bug that allowed unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website. If successfully exploited, attackers could gather email addresses, putting user privacy at risk. Upon identifying the vulnerability, we promptly alerted the WordPress team, who released…