A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin. LayerSlider is a versatile tool for creating responsive sliders, image galleries, and ...
A critical remote code execution vulnerability in PHPMailer has been discovered by Polish researcher Dawid Golunski. The vulnerability was announced on legalhackers.com yesterday but proof of concept exploit details were not included. Unfortunately someone posted a proof of concept to exploit-db ...
Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks. Jetpack is a popular plug-in that offers free website optimization, management and security features. It ...
Over the past few days, attackers have been exploiting an unpatched vulnerability in WP Mobile Detector, a WordPress plug-in installed on over 10,000 websites. The plug-in’s developer fixed the flaw, last Tuesday in version 3.6, but in addition to updating ...