LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

Hackers‌ ‌Actively‌ ‌Exploiting‌ ‌0-Day‌ ‌in WordPress Plugin

2 years ago 73
BOOK THIS SPACE FOR AD
ARTICLE AD

3. June 2021

This article has been indexed from Softpedia News / Security

Fancy Product Designer, a WordPress plugin used on over 17,000 websites, contains a critical file upload vulnerability that is currently being exploited in the wild to upload malware to websites where the plugin is installed.  

The vulnerability was identified by Wordfence’s Threat Intelligence team and reported to the vendor on May 31. Although the issue has been identified, it has yet to be fixed.  

Fancy Product Designer is a platform that allows businesses to offer personalized items. Customers can design anything from t-shirts to phone cases by uploading photos and PDF files that can then be integrated into the product. 

Wordfence said in a write-up published on Tuesday that “Unfortunately, while the plugin had some checks in place to prevent malicious files from being uploaded, these checks were insufficient and could easily be b…

Read the original article: Hackers‌ ‌Actively‌ ‌Exploiting‌ ‌0-Day‌ ‌in WordPress Plugin

Read Entire Article
  3. Hackers‌ ‌Actively‌ ‌Exploiting‌ ‌0-Day‌ ‌in WordPress Plugin

Related

Europol op shutters 12 scam call centers and cuffs 21 suspected fraudsters

Europol op shutters 12 scam call centers and cuffs 21 suspected fraudsters

Indonesia sneakily buys spyware, claims Amnesty International

Indonesia sneakily buys spyware, claims Amnesty International

Chinese government website security is often worryingly bad, say Chinese researchers

Chinese government website security is often worryingly bad, say Chinese researchers

Microsoft, Google do a victory lap around passkeys

Microsoft, Google do a victory lap around passkeys

Patch up – 4 critical bugs in ArubaOS lead to remote code execution

Patch up – 4 critical bugs in ArubaOS lead to remote code execution

Ransomware Defense Startup Mimic Raises Hefty $27M Seed Round 

Ransomware Defense Startup Mimic Raises Hefty $27M Seed Round 

Trending

1. Aston Villa
2. Kishori Lal Sharma
3. Raebareli Lok Sabha
4. VITEEE result 2024
5. Chelsea vs Tottenham
6. Shimron Hetmyer
7. Josh Baker Cricket
8. Hari Hara Veera Mallu
9. SRH बनाम RR
10. Karan Bhushan Singh

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved