Top

Tag Archives | Plugin

WordPress GDPR Compliance Plug-in exploited (Privilege Escalation Flaw)

On the 6th of November 2018, a popular WordPress plugin known as WP GDPR Compliance plugin, which is created to help website owners with GDPR compliance, was found to contain harmful vulnerabilities for privilege escalation that could allow for arbitrary code execution. Hackers have exploited this vulnerability to attack a number of websites. The vulnerability […]

Continue Reading

Install CSF firewall on cPanel server

Config Server Firewall (CSF) is a firewall that provides a good level of protection with easy of managing commands. From list of security plugins available, this is the widely used security tool that can protect Linux server against attacks like brute force,malware attacks, phishing etc..This is a free plugin and have well developed interface for […]

Continue Reading

Disable Theme and Plugin Editors from WordPress

This is a big problem, if customer using very weak password’s with default username’s like admin/administrator and etc. Even if you don’t use default username you can get it very easily. Get WordPress username https://wordpress.site/?author=1 This redirects your correct username author page and you can get easily correct username which is probably admin user. If […]

Continue Reading

xo.php

This malware trying write another malware to server, it’s using old cherry-plugin import/export file upload vulnerability. Here source code to malware: Source of xo.php Details $uri is infected server address. $url is base64 encoded remote server address, where trying download more malware and put server to remote access: http://fastwealthformula.online/callback/shell Remote file Final Words Use Malware […]

Continue Reading

Wordfence Security Plugin

We found new intresting malware that infected WordPress and Wordfence Security plugin. This malware filename is random numeric with php extension. Unlink When it just executed from remote GET Request, it remove itself at first. So it’s difficult know what happened on server and what case infection to WordPress and Wordfence. wp-blog-header.php It modifying WordPress […]

Continue Reading

common.php (Object Injection Vulnerability in Backup & Restore Dropbox)

WordPress plugin Backup & Restore Dropbox have PHP Object Injection Vulnerability. It’s allow remote download malware to the server. This vulnerability founded by pluginvulnerabilities.com and published it. We found that vulnerability try malware download common.php malware to server via FTP Protocol. Real Post Payload First file_get_contents download common.php malware and file_put_contents write it to server. […]

Continue Reading

gzpdecode.php

WordPress Vulnerability in Cherry Plugin – Arbitrary File Upload The Vulnerability allow an attacker to upload all types of files without administrator login. /wp-content/plugins/cherry-plugin/admin/import-export/upload.php This is fixed latest version of Cherry Plugin, but all customers won’t update their website and files. Interesting comes heres, botnetwork search this old vulnerability and if found they upload malware […]

Continue Reading