Lädt...

📰 Bug In WordPress Plugin Can Let Hackers Wipe Up To 200,000 Sites


Nachrichtenbereich: 📰 IT Security Nachrichten
🔗 Quelle: it.slashdot.org

An anonymous reader quotes a report from ZDNet: WordPress site owners who use commercial themes provided by ThemeGrill are advised to update one of the plugins that come installed with these themes in order to patch a critical bug that can let attackers wipe their sites. The vulnerability resides in ThemeGrill Demo Importer, a plugin that ships with themes sold by ThemeGrill, a web development company that sells commercial WordPress themes. The plugin, which is installed on more than 200,000 sites, allows site owners to import demo content inside their ThemeGrill themes so they'll have examples and a starting point on which they can build their own sites. However, in a report published yesterday, WordPress security firm WebARX says that older versions of the ThemeGrill Demo Importer are vulnerable to remote attacks from unauthenticated attackers. Remote hackers can send a specially crafted payload to vulnerable sites and trigger a function inside the plugin. The vulnerable function resets the site's content to zero, effectively wiping the content of all WordPress sites where a ThemeGrill theme is active, and the vulnerable plugin is installed. Furthermore, if the site's database contains a user named "admin," then the attacker is granted access to that user with full administrator rights over the site.

Read more of this story at Slashdot.

...

📰 Bug In WordPress Plugin Can Let Hackers Wipe Up To 200,000 Sites


📈 71.31 Punkte
📰 IT Security Nachrichten

🕵️ Bug in WordPress plugin can let hackers wipe up to 200,000 sites


📈 71.31 Punkte
🕵️ Hacking

📰 Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers


📈 42.05 Punkte
📰 IT Security Nachrichten

📰 Critical Bug in WordPress Theme Plugin Opens 200,000 Sites to Hackers


📈 42.05 Punkte
📰 IT Security Nachrichten

🕵️ Critical RCE Bug in WordPress Plugin Let Hackers Gain Admin Access on 200,000 Websites


📈 41.05 Punkte
🕵️ Hacking

📰 WordPress Plugin Bugs Let Hackers Wipe or Takeover Your Site


📈 39.83 Punkte
📰 IT Security Nachrichten

📰 WordPress plugin bugs can let hackers take over almost 1M sites


📈 36.45 Punkte
📰 IT Security Nachrichten

📰 200K sites with buggy WordPress plugin exposed to wipe attacks


📈 35.3 Punkte
📰 IT Security Nachrichten

📰 Botnet of 20,000 WordPress Sites Infecting Other WordPress Sites


📈 32.06 Punkte
📰 IT Security Nachrichten

📰 Botnet of 20,000 WordPress Sites Infecting Other WordPress Sites


📈 32.06 Punkte
📰 IT Security Nachrichten

📰 A botnet of over 20,000 WordPress sites is attacking other WordPress sites


📈 32.06 Punkte
📰 IT Security Nachrichten

📰 6500 sites down after hackers wipe out database of dark web hosting firm


📈 31.31 Punkte
📰 IT Security Nachrichten

🕵️ Forminator Plugin Flaw: Unrestricted Uploads Put 200,000+ WordPress Sites at Risk


📈 31.08 Punkte
🕵️ Hacking

📰 Plugin flaw leaves up to 200,000 WordPress sites at risk of attack


📈 31.08 Punkte
📰 IT Security Nachrichten

📰 Unsafe WordPress Plugin Installed on Nearly 200,000 Sites


📈 31.08 Punkte
📰 IT Security Nachrichten

📰 Backdoored Plugin Impacts 200,000 WordPress Sites


📈 31.08 Punkte
📰 IT Security Nachrichten

📰 WordPress plugin bugs can let attackers hijack up to 100K sites


📈 30.92 Punkte
📰 IT Security Nachrichten

📰 Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites


📈 29.45 Punkte
📰 IT Security Nachrichten

📰 Facebook plugin bug lets hackers hijack WordPress sites’ chat


📈 29.45 Punkte
📰 IT Security Nachrichten

📰 Critical WordPress plugin bug lets hackers take over 1M sites


📈 29.45 Punkte
📰 IT Security Nachrichten

📰 Hackers target WordPress calendar plugin used by 150,000 sites


📈 28.92 Punkte
📰 IT Security Nachrichten

📰 Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites


📈 28.63 Punkte
📰 IT Security Nachrichten

📰 Hackers Can Inject Code Into WordPress Sites via Flaw in Product Review Plugin


📈 28.49 Punkte
📰 IT Security Nachrichten

🕵️ Unauthenticated RCE in WordPress Plugin Exposes 100,000 WordPress Sites


📈 28 Punkte
🕵️ Hacking

🕵️ Critical WordPress Plugin Flaw Exposes 90,000+ WordPress Sites


📈 28 Punkte
🕵️ Hacking

📰 Poisoned plugin allowed hackers to post spammy content on up to 200,000 WordPress websites


📈 27.65 Punkte
📰 IT Security Nachrichten

📰 Plugin-Bug: 200.000 WordPress-Seiten können einfach gelöscht werden


📈 27.56 Punkte
📰 IT Security Nachrichten

📰 Newsletter plugin bugs let hackers inject backdoors on 300K sites


📈 27.35 Punkte
📰 IT Security Nachrichten

📰 Infected WordPress Sites Are Attacking Other WordPress Sites


📈 27.16 Punkte
📰 IT Security Nachrichten

📰 Critical Bugs in WordPress Plugins Let Hackers Take Over Sites


📈 27.07 Punkte
📰 IT Security Nachrichten

📰 This is how hackers can wipe your memory and steal your thoughts


📈 26.83 Punkte
📰 IT Security Nachrichten

📰 WordPress plugin hole could have allowed attackers to wipe websites


📈 26.34 Punkte
📰 IT Security Nachrichten

📰 Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites


📈 24.55 Punkte
📰 IT Security Nachrichten

📰 Hackers actively exploiting severe bug in over 300K WordPress sites


📈 24.55 Punkte
📰 IT Security Nachrichten

matomo