<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">
Tag: vulnerability

Vulnerability in Simple File List 5.4 exploited

BANNER18b

 

The new week started with a new campaign trying to widely use the Arbitrary File Upload vulnerability in the Simple File List plugin for WordPress.

Cross-Site Scripting vulnerability in Post Grid WordPress plugin

IMUNIFY360_STORE-CROSS_Websites2

 

The high severity vulnerability in Post Grid WordPress plugin that appeared in public resources is suspected to be the cause of attackers’ interest to exploit the affected systems.

The discovered vulnerability allows an attacker to forge the template with further inclusion of its code to the application's backend with the ability to perform malicious actions involving privileged users. This could end up with a stolen administrator session or malware injection.

Critical Vulnerability In File Manager Plugin For WordPress

IMUNIFY360_NEUT_MAL_GRAPHICS_V2_02

On Wednesday, 2 September, the Imunify360 Web Protection Team detected a significant rise in blocked malware that day. Most of the malware was located in the /wp-file-manager/lib/files/ directory path.

When we investigated, we determined that there was a critical vulnerability in the File Manager plugin for WordPress, and that this vulnerability affected a variety of applications.

Vulnerable PressForward WordPress Plugin Was Available Almost a Year

IMUNIFY360_NEUT_MAL_GRAPHICS_V2_01 (1)

 

The Imunify security team recently detected a vulnerable plugin in the WordPress plugin directory. It’s called PressForward, and it’s used to manage editorial workflow. This free plugin included an iframe that could be used to send visitors to a malicious web page. 

The Imunify team identified the vulnerability in this plugin on the first of July, 2020. At the time it was discovered, the plugin was installed on 800+ websites, where it could be used to send visitors to phishing sites and conduct black SEO campaigns. The plugin’s change log indicates that it has been there for almost a year: