Security misconfiguration has long been a top concern for website security, and in 2021, the OWASP Top 10 team highlighted it as one of the most common reasons websites are hacked. Among the potential misconfigurations, security headers play a critical role. These headers are essential for protecting your website from various threats, and proper server […]
Your website will always be a vital component of your business, service, or cause. However, a hacked website will cause an overflow of complications for both you and your visitors. This post will shed more light on how your hacked website can influence your visitors and relevant steps you can take to improve your website […]
The problem with hackers attacking websites is on a constant rise. Month-to-month we list tens of vulnerabilities found in popular plugins that developers use on their sites. Most of these are being targeted by hackers. We monitor the sites we protect daily and see the number of attacks increasing every week. The reason why hackers […]
In this article, you can read about the latest website hacking statistics from 2022. These updated statistics on website hacking should give you an idea of just how difficult it is to ensure website security each passing year. Any software can be hacked if you do not deploy security measures and follow best practices. Cybersecurity is now […]
There are SQLi and unauthenticated stored XSS vulnerabilities in Discount Rules for the WooCommerce WordPress plugin. The Discount Rules for the WooCommerce plugin (versions 2.0.2 and below) suffer from multiple vulnerabilities such as SQL injection, authorization issues, and unauthenticated stored cross-site scripting. In this scenario, the unauthenticated stored cross-site scripting issue could potentially lead to […]
This article analyses the Elementor PRO Vulnerability vulnerabilities. Elementor PRO is a page builder for WordPress with approximately 1+ million users. On the 4th of May, many websites had a suspicious subscriber registering to the site that logged in and managed to upload malicious attachments. Split seconds later – another IP was trying to access […]
The ThemeGrill Demo Importer plugin has 200,000+ active installations and can be used to import ThemeGrill official themes demo content, widgets, and theme settings with just one click. Update (18th of February):The installs count has dropped to 100K+. It indicates that many people have started to uninstall the plugin based on the statistics provided by […]
Not too long ago an authentication bypass vulnerability in the Ultimate Addons was found for Elementor and Beaver Builder plugins. As we routinely monitor the code of popular plugins our customers use, we found that the InfiniteWP Client and WP Time Capsule plugins also contain logical issues in the code that allows you to login into an administrator account without a […]