Tag Archives: vulnerability

CSRF vulnerability found in WPCode WordPress plugin

A Cross-Site Request Forgery (CSRF) vulnerability has been detected in WPCode – Insert Headers and Footers plugin version 2.0.9 and earlier. The security flaw was found in the WPCode WordPress plugin, which has over a million installations. The vulnerability could enable attackers to delete server files.

The WPCode plugin, previously known as Insert Headers and Footers by WPBeginner, is a well-known plugin that permits WordPress publishers to incorporate code snippets into the header and footer sections of their website. This feature is beneficial for publishers who require adding various codes such as Google Search Console site validation, structured data, CSS code, AdSense code, or anything else that belongs in either the header or footer of a website.

What is Cross-Site Request…


Source link

Yet another WordPress plugin vulnerability leaves over one million websites exposed

A new WordPress plugin vulnerability has been discovered that could allow an attacker to gain access to a site’s administrator login page.

The vulnerability exists in the popular WPS Hide Login plugin and was discovered by a user with the handle thalakus who posted a brief description of the issue on WordPress.org’s support forum. 


Source link

cPanel Plugin Contains Log4j Vulnerability

The popular cPanel web hosting server control panel software recently issued a patch to fix a critical flaw in the log4j Java library discovered in part of the software used for email. The vulnerability itself is named, Log4Shell.

Log4j Critical Log4Shell Vulnerability

Log4j is a Java library that adds a drop-in functionality to many online software products. For an end user it’s not something they would generally download and use.

It’s a Java library that would be included as part of the software. Because of that, end users aren’t generally aware if the software they use contain the vulnerability.

The log4j vulnerability is rated at 10 on a scale of 1 to 10, with 10 representing the most dangerous level of vulnerability.

The vulnerability was described by a security researcher as…


Source link