How to remove linetoadsactive redirect malware

For the love of God make it stop..how to remove the linetoadsactive redirect *UPDATE - If you would like one…

Read Story

Slimstat: Stored XSS from Visitors

The WordPress Slimstat plugin, which currently has over 100k installs, allows your website to gather analytics data for your WordPress…

Read Story

Stored XSS in MyBB

The open source PHP forum software myBB recently published a new update, version 1.8.21. This is a security release fixing…

Read Story

OS Command Injection in WP-Database-Backup

On May 28th, a critical OS Command Injection vulnerability affecting the WP-Database-Backup plugin  was disclosed to the public by the…

Read Story

WordPress Plugin WP Statistics: Unauthenticated Stored XSS Under Certain Configurations

The WordPress plugin WP Statistics, which has an active installation base of 500k users, has an unauthenticated stored XSS vulnerability…

Read Story

Dissecting the WordPress 5.2.3 Update

Last week, WordPress released version 5.2.3 which was a security and maintenance update, and as such, contained many security fixes.…

Read Story

Icegram Persistent Cross-Site Scripting

Icegram is a plugin that helps you collect email addresses for your newsletter. Other features include light-box popup offers, header…

Read Story

Zero-Day RCE in vBulletin v5.0.0-v5.5.4

A new remote code execution (RCE) zero-day vulnerability has been disclosed by an anonymous researcher on the full disclosure mailing…

Read Story

OneTone Vulnerability Leads to JavaScript Cookie Hijacking

A vulnerability in the discontinued WordPress theme OneTone has been added to an ongoing campaign that is targeting vulnerable WordPress…

Read Story

Authentication Bypass Vulnerability in InfiniteWP Client

An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This…

Read Story

Emergency WordPress Help

One of our techs will get back to you within minutes.