Object Injection Vulnerability in Welcart e-Commerce Plugin
On October 6, 2020, our Threat Intelligence team discovered a High-Severity Object Injection vulnerability in Welcart e-Commerce, a WordPress plugin with over 20,000 installations that claims top market share in Japan. After we finished our investigation, we contacted...
WP Activity Log 4.1.5: Support for new MainWP extension features & other updates
Today we are excited to announce the release of three plugin updates: WP Activity Log 4.1.5 Activity Log for MainWP 1.6 Activity Log for WooCommerce extension update 1.2 We have to release these three updates at the same time because of a number of new features and...
Activity logs for WooCommerce 1.2: Logs of software downloads & improved code
The third and last (but not least) plugin update for the day is Activity Log for WooCommerce 1.2, the WP Activity Log plugin extension for WooCommerce store owners who want to keep a log of what is happening in their store (refer to the activity log for WooCommerce...
Activity Log for MainWP 1.6: New centralized configuration of activity log plugin settings
Today we are happy to announce update 1.6 of the Activity Log for MainWP, the extension that keeps a log of what happens on your MainWP dashboard and also allows you to see all the child sites’ activity logs in the MainWP dashboard. In this update we are introducing a...
Legacy Mauthtoken Malware Continues to Redirect Mobile Users
During malware analysis, we regularly find variations of this injected script on various compromised websites: . The variable “_0x446d” assigns hex encoded strings in different positions in the array. If we get the ASCII representation of the variable, we’ll end up...Unpacking the WordPress 5.5.2/5.5.3 Security Release
On Thursday, October 29, the WordPress core team released WordPress version 5.5.2. This was a minor release containing bug fixes and security enhancements to the core WordPress content management system powering over one-third of the internet. There was a subsequent...WordPress 5.6 Beta 3
WordPress 5.6 Beta 3 is now available for testing! This software is still in development, so we recommend that you run this version on a test site. You can test the WordPress 5.6 beta in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge...The Month in WordPress: October 2020
October 2020 was a notable month for WordPress lovers, thanks to the release of several products and updates. Read on to keep up with all the latest news! The 2020 WordPress Annual Survey is out The team published the 2020 WordPress Annual survey — to help those...