Search cyberveille.decio.ch

Found 3 bookmarks

Custom sorting

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins

Discover the latest waves of the ongoing Balada Injector malware campaign targeting unpatched tagDiv premium WordPress themes. Dive into the technical details of the injected scripts, explore their functionality, and understand the potential threats they pose to site administrators.

#sucuri #2023 #EN #WP #Wordpress #Balada #Injector #tagDiv #Plugin

·blog.sucuri.net·Oct 13, 2023

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins

‘Gravity Forms’ WordPress Plugin Found Vulnerable to PHP Object Injection

Gravity Forms, a popular WordPress plugin, has been found vulnerable to unauthenticated PHP Object Injection attacks.

#bitdefender #EN #2023 #WP #WordPress #Plugin #gravity-forms #CVE-2023-28782

·bitdefender.com·Jun 4, 2023

‘Gravity Forms’ WordPress Plugin Found Vulnerable to PHP Object Injection

WordPress Advanced Custom Fields Pro plugin 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Advanced Custom Fields PRO Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 6.1.6.

#patchstack #EN #2023 #WP #CVE-2023-30777 #Advanced #Custom #Fields #Pro #plugin #XSS #vulnerability #Wordpress

·patchstack.com·May 8, 2023

WordPress Advanced Custom Fields Pro plugin 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability