Tag: wordpress plugin

how to prevent security breaches

Authentication Failure in File Browser, Manager, Backup (+ Database) WordPress Plugin

While reviewing malware, the SiteLock Research Team detected suspicious code in a WordPress plugin. We reviewed the suspicious code and found the plugin wasn’t malicious per se, though it was potentially vulnerable to attack. We will discuss the plugin and analyze its unique authentication issues, and then discuss mitigation and the dangers of using unsupported plugins.

Visit wpdistrict.sitelock.com for the full story.

WordPress security

A Brief Survey of Fake WordPress Plugins

In the latest article from the SiteLock research team, we’ll discuss how fake plugins get on to WordPress sites, analyze a well known fake plugin to provide a sense of what they can do, look at a non-exhaustive list of fake plugins and a couple of interesting features, and discuss ways to avoid being victimized by fake plugins.

Read the full story at our WordPress-focused site, wpdistrict.sitelock.com.

WordPress security

My Hacked WordPress Site Was Fixed, Now What?

The unfortunate happens and your WordPress site is compromised. You recover from the hack through backups or SiteLock’s malware removal service, yet you still feel at unease.

The truth is, once a WordPress site recovers from a compromise, there’s a bit more to do. Learn about simple post-compromise steps that can help harden your site from future attacks.

Learn more at wpdistrict.sitelock.com.

WordPress plugin vulnerability

SiteLock Research Team Uncovers WordPress Plugin Vulnerability

The SiteLock Research Team will have many firsts as it develops. This week we’ll discuss the first reported and patched vulnerability the team found, a minor cross-site scripting vulnerability in Testimonial Slider.

The team has been working on putting together a new vulnerability research process.   During the creation of this process, we tested a not-so-randomly chosen WordPress plugin, Testimonial Slider. We chose Testimonial Slider for no other reason than it was a slider plugin, after the recent Revolution Slider exploit.

What Does Testimonial Slider Do?

Testimonial Slider, developed by SliderVilla.com, displays customer testimonials in a responsive slider and has over 10,000 installs. We analyzed version 1.2.1 using SiteLock TrueCode and manual analysis.

Read More

Powered by WordPress & Theme by Anders Norén