WordPress Booking Calendar Plugin – PHP Object Injection Vulnerability [NEWS]

WordPress plugin booking calendar vulnerability WordPress booking calendar plugin has more than 60,000 active installs. Thus, the threat Intelligence team launched a responsible disclosure process on April 18, 2022. When we received a response, we turned along with our entire disclosure on April 19, 2022. On April 21, 2022, a …

Apache Log4j Vulnerability Fix – Zero Day Exploit 2022 [GUIDE]

⚡️ Log4j Vulnerability Fix A Critical flaw in Log4j, a Java-based Apache Log4j library for logging error messages in applications, has take the internet by storm. It is very broadly used in a variety of enterprise and open-source softwares, websites & web applications. Log4j vulnerability, being tracked as CVE-2021-44228 has …

WordPress Defacement Removal – How To Fix Defaced WordPress site

🔴 WordPress Defacement Removal Like graffiti in the physical world, website defacement attacks can leave a visible mark on your digital property. When carrying out this type of attack, cyber criminals generally replace existing content on your site with their own messages, whether those messages are political, religious, or just …

Remote & Local File Inclusion Vulnerability In WordPress [GUIDE]

WordPress Local File Inclusion Vulnerability The intent of this post is to help penetration testers to identify and test Remote File Inclusion (RFI) & Local File Inclusion (LFI) vulnerabilities in WordPress and helping future pentesting testing by consolidating research. LFI vulnerabilities are typically discovered during web application pen testing using …

Over A Million WP Sites Hacked in Widespread Attacks – (News)

A sudden increase WordPress XSS Attacks (Cross Site Scripting) wordpress vulnerabilities has been tracked by our threat intelligence team on April 28, 2020. These attacks increased to about 30 times more than what is seen in previous attack data within a few days’ span. The botnet consisting of 90,000 IP addresses takes …