Convert Plus WordPress Plugin Vulnerability Exploit [FIXED]

In our earlier posts last week, we covered various vulnerable plugins which were exploited by hackers such as Zero-day Vulnerability in WordPress Yellow Pencil Plugin, Vulnerability In Social Warfare Plugin, &  in WordPress Easy WP SMTP Plugin which were all fixed. Type – Unauthenticated Administrator Creation CVSS v3.0 Score: 10.0 …

WordPress Brute Force Attacks – How To Protect Your Website?

WordPress Brute Force Attack Brute force attacks are common against web services. Any website is a potential target. However, criminal actors usually choose the most popular to increase their chances of success. WordPress is one of their favorite targets. This platform is so popular that out of one million top websites on the …

WordPress .htaccess hacked – Cleanup & Prevent .htaccess Attack

WordPress htaccess Attack 🧙‍♀️ Prevent & cleanup .htaccess Redirect hack Table Of Content: What is .htaccess? WordPress .htaccess Security Snippets Use of .htaccess File WordPress .htaccess Hack Attacks WordPress .htaccess hacked? What to do? Clean up Hacked .htaccess If you have a WordPress-based website, it is imperative to stay vigilant against …

Zero-day Vulnerability in WordPress Yellow Pencil Plugin Exploit [FIX]

TABLE OF CONTENTS: 📙 Yellow Pencil Visual CSS Style Editor Plugin 📙 Yellow Pencil WordPress Exploit 📙 Privilege Escalation Vulnerability 📙 What is Common in this explot? 📙 How To fix it? So, we have another WordPress plug-in, Yellow Pencil Visual Theme customizer which has been exploited as we discover two software vulnerabilities. The vulnerability …

WordPress DDoS Attack – Tips To Protect & Secure Your Website

WordPress DDoS Attack – How To Prevent DDoS attacks can cause serious economic damage and lead to the total unavailability of a website. But what is a DDoS attack? How can you secure your WordPress website against DDoS attacks and how to prevent them? Table Of Contents: What is a DDoS …

WordPress REST API Vulnerability Content Injection Exploit [FIXED]

WordPress Content Injection REST API Vulnerability (WP 4.7 and 4.7.1) As WordPress evolves in popularity, so does the intricacy of this free and open-source content management system based on MySQL and PHP. WordPress has certainly progressed from its early days in 2003 as one of the most sought-after blogging platforms …

IndoXploit WordPress Hack – What It Is & How To Fix It

WordPress websites are undermined not by modern programmers but rather by bots written to misuse acknowledged vulnerabilities. Such vulnerabilities mainly comprise of obsolete themes & plugins, weak passwords, and inferior quality web hosting. What is Indoxploit Hack? Indoxploit shell ( IndoXploit WordPress Auto Deface) can be defined as a PHP-based backdoor …

WordPress GDPR Compliance Plugin Exploit Vulnerability

The General Regulation of Data Protection (GDPR), is the legislation in force since May 25, 2018 that guarantees the protection of the data that people provide to Companies, Governments, Institutions, Organizations and any organisation based in the European Economic Community or that manages data of its citizens. As we know, …