Infosecurity-magazine.com

Backup Migration WordPress Plugin Flaw Impacts 90,000 Sites

Security researchers have warned users of a popular WordPress plugin that they need to patch urgently or risk their site being remotely hijacked. Security vendor Wordfence has revealed a new PHP code ...
Threat Post

Updates Fix PHP-Injection Flaw in Popular WordPress Plugins

A pair of popular WordPress plugins used to help sites cache content have fixed serious vulnerabilities that attackers could exploit simply by including special HTML code in a comment. Both WP Super ...
Bleeping Computer

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

A critical severity vulnerability in a WordPress plugin with more than 90,000 installs can let attackers gain remote code execution to fully compromise vulnerable websites. Known as Backup Migration, ...
Bleeping Computer

Hackers use PHP exploit to backdoor Windows systems with new malware

Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability ...
heise online

Security updates for Drupal: Malicious code attacks on web browsers possible

Poor input validation makes previous versions of Drupal vulnerable. If the conditions are right, attackers can execute malicious code in the victim's web browser via compromised websites created with ...
Business Wire

Polyverse Thwarts PHP Vulnerabilities, WordPress Attacks

BELLEVUE, Wash.--(BUSINESS WIRE)--Polyverse Corporation today announced its R&D project, Polyscripting, stops all PHP code injection and execution vulnerabilities detailed in a whitepaper recently ...