SQL Injection in Advance Contact Form 7 DB
http://feedproxy.google.com/~r/sucuri/blog/~3/KQUmgWo_uqQ/sql-injection-in-advance-contact-form-7-db.html As part of our regular research audits for our Sucuri Firewall, we discovered an SQL injection vulnerability affecting 40,000+ users of the Advanced Contact Form...
DNS Tools & Queries For WordPress Users & Administrators
https://www.wpwhitesecurity.com/dns-tools-queries-wordpress-users-administrators/When you buy a new domain for your WordPress site you have to configure the name servers and other DNS records. Configuring your the Domain Name System (DNS) for your domain is a simple...
Yuzo Related Posts Zero-Day Vulnerability Exploited in the Wild
Yuzo Related Posts Zero-Day Vulnerability Exploited in the Wild The Yuzo Related Posts plugin, which is installed on over 60,000 websites, was removed from the WordPress.org plugin directory on March 30, 2019 after an unpatched vulnerability was publicly, and...Yuzo Related Posts – Unauthenticated Call Any Action or Update Any Option
https://wpvulndb.com/vulnerabilities/9254 Source: Security FeedPodcast Episode 6: The Brandy Lawson Interview, The News and Facebook Rants
Podcast Episode 6: The Brandy Lawson Interview, The News and Facebook Rants This week we follow up on two stories from last week, the Pipdig P3 plugin and Jetpack suggestions found within the WordPress plugin dashboard. We also take a look at quite a few...Form Maker by 10Web <= 1.13.4 – Cross-Site Request Forgery (CSRF) to LFI
https://wpvulndb.com/vulnerabilities/9253 Source: Security FeedContact Form by WD <= 1.13.4 – Cross-Site Request Forgery to LFI
https://wpvulndb.com/vulnerabilities/9252 Source: Security Feed
Attacks on Closed WordPress Plugins
http://feedproxy.google.com/~r/sucuri/blog/~3/VO4BilOsd9I/attacks-on-closed-wordpress-plugins.html The WordPress plugin repository team may “close” plugins and restrict downloads when they become aware of a security issue that the developer cannot fix...