How hackers install and hide rogue plugins on your WordPress blog.
A while back, I explained how hackers created hidden admin users after hacking a WordPress blog. In this post, we will see how they upload and hide rogue plugins.
Tag: WordPress
WooCommerce Dynamic Pricing and Discounts plugin fixed multiple vulnerabilities.
The WooCommerce Dynamic Pricing and Discounts plugin (19,000+ installations), fixed multiple unauthenticated vulnerabilities affecting version 2.4.1 and below.
Multiple WordPress plugins fixed CSRF vulnerabilities (part 5).
Multiple WordPress plugins were found to be vulnerable to cross-site request forgery (CSRF) attacks.
WordPress Plugins and Themes Vulnerabilities: Stats, Facts and Recommendations.
For the past 30 months, we have reported quite a lot of vulnerabilities we discovered in WordPress themes and plugins. Here are some interesting stats and facts about them, as well as few recommendations for all developers of WordPress plugins and themes.
Securing WordPress with a Web Application Firewall: NinjaFirewall (WP Edition).
In this article we will see how to provide a very high level of protection to a WordPress blog with a web application firewall.