Wordpress
July 6, 2020

Vulnerabilities Digest: June 2020

Highlights for June 2020

  • Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking advantage of the lack of restrictions in critical functions and issues surrounding user input data sanitization.
  • Massive local file inclusion (LFI) attempts have been discovered attempting to harvest WordPress and Magento credentials.
  • Attackers continue to target old plugins with known vulnerabilities in an ongoing malware campaign targeting WordPress websites.

Continue reading Vulnerabilities Digest: June 2020 at Sucuri Blog.

Share this:
Twitter icon Facebook icon LinkedIn icon Pinterest icon

More great articles

High Severity Vulnerabilities in PageLayer Plugin Affect Over 200,000 WordPress Sites

A few weeks ago, our Threat Intelligence team discovered several vulnerabilities present in Page Builder: PageLayer – Drag and Drop…

Read Story
Wordpress
July 4, 2020

High-Severity Vulnerabilities Patched in LearnPress

On March 16, 2020, LearnPress – WordPress LMS Plugin, a WordPress plugin with over 80,000 installations, patched a high-severity vulnerability…

Read Story
Wordpress
July 4, 2020

Reflected XSS in PageLayer Plugin Affects Over 200,000 WordPress Sites

On November 4, 2020, the Wordfence Threat Intelligence team found two reflected Cross-Site Scripting (XSS) vulnerabilities in PageLayer, a WordPress…

Read Story
Wordpress
December 10, 2020

Emergency WordPress Help

One of our techs will get back to you within minutes.