WordPress

Contact Form 7 (5.3.1 & below) Vulnerable To Unrestricted File Upload

Dec 17, 2020 By Astra In Astra

Before you start reading the description, please log in to your WordPress Admin panel & update all the plugins. Contact Form 7 version 5.3.1 and below were found to be vulnerable to unrestricted file upload vulnerability. This issue has been reported by security researchers at Astra Security. By exploiting this vulnerability, attackers could simply upload files of any type, bypassing all restrictions placed regarding the allowed uploadable file types on a website.

View Video

Astra

Read more about Contact Form 7 (5.3.1 & below) Vulnerable To Unrestricted File Upload

Astra's Security Audit & VAPT Review by Arun Bansal (Founder & CEO of ServerGuy)

Dec 4, 2020 By Astra In Astra

99.7% websites have atleast one vulnerability. Astra Security helps you find your website's weaknesses and patch them up before it hurts your business. ServerGuy is well renowned premium managed Magento, WordPress Hosting Platform, offering lightning-fast and scalable infrastructure.

View Video

Astra

Read more about Astra's Security Audit & VAPT Review by Arun Bansal (Founder & CEO of ServerGuy)

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Oct 22, 2020 By Graham Cluley In Tripwire

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites. The flaw can be exploited if a user attempts to log into a Loginizer-protected website with a carefully-crafted username.

Read Post

Tripwire

Read more about Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Richard recommends Astra for WordPress Security

Aug 4, 2020 By Astra In Astra

Richard Butler is an entrepreneur & the founder of a WordPress plugin. He trusts Astra with all his websites because he realizes what a bad hack can do! ''The only solution you need to secure your website' - says Richard!

View Video

Astra

Read more about Richard recommends Astra for WordPress Security

Gehaxelt - How Wordpress Plugins Leak Sensitive Information Without You Noticing

Feb 26, 2020 By Detectify In Detectify

Sebastian Neef (@gehaxelt) is a IT security freelancer and a top contributor from the Detectify Crowdsource community. In this guest blog, he looks at ways WordPress plugins leak sensitive data in the wild: The OWASP Top 10 puts Sensitive Data Exposure on the 3rd place of the most common web security issues. In this blog post we will have a look at sensitive data exposure that you might not be aware of.

Read Post

Detectify

Read more about Gehaxelt - How Wordpress Plugins Leak Sensitive Information Without You Noticing

Subscribe to WordPress

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

WordPress

Contact Form 7 (5.3.1 & below) Vulnerable To Unrestricted File Upload

Astra's Security Audit & VAPT Review by Arun Bansal (Founder & CEO of ServerGuy)

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Richard recommends Astra for WordPress Security

Gehaxelt - How Wordpress Plugins Leak Sensitive Information Without You Noticing

Monthly Archive

Follow Us