Blogs
Links
Archives
Categories
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Sponsors
(Paypal-Donations)Recent Comments
- guenni on Windows 11 22H2: Microsoft confirms performance issues when copying files
- guenni on Microsoft's account suspensions and the OneDrive 'nude' photos
- Falaipas on Microsoft's account suspensions and the OneDrive 'nude' photos
- EP on Edge 107.0.1418.62
- Bill Haney on Office 365: Outlook suddenly requests password (August 29, 2022)
Meta
Recent Comments
- guenni on Windows 11 22H2: Microsoft confirms performance issues when copying files
- guenni on Microsoft's account suspensions and the OneDrive 'nude' photos
- Falaipas on Microsoft's account suspensions and the OneDrive 'nude' photos
- EP on Edge 107.0.1418.62
- Bill Haney on Office 365: Outlook suddenly requests password (August 29, 2022)
Archives
Categories
Meta
Tag Archives: WordPress
WordPress: Backdoors in AccessPress Themes and Plugins
[German]WordPress users beware, there are again massive vulnerabilities in WordPress plugins and themes due to a supply chain attack on the provider AccessPress. In dozens of plugins and themes of this provider hackers have built backdoors to hack the sites … Continue reading
Advertising
WordPress 5.8.3 released
WordPress version 5.8.3 has been released on January 6, 2022. This new version fixes 4 security issues affect WordPress versions between 3.7 and 5.8. If you haven't yet updated to 5.8, all WordPress versions since 3.7 have also been updated … Continue reading
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
WordPress: 800,000 websites compromisable by All in One SEO plugin
[German]The popular WordPress plugin All in One SEO has two vulnerabilities (CVE-2021-25036 and CVE-2021-25037), which make the corresponding installations vulnerable. Since the plugin is quite popular, you should immediately look to get an updated version. Otherwise, the WordPress instance will … Continue reading
Advertising
Heavy attacks on 1.6 million WordPress sites (Dec. 9, 2021)
[German]Security vendor WordFence's Threat Intelligence team noticed a dramatic increase in vulnerability attacks on WordPress instances on December 9, 2021. In the past 36 hours, the Wordfence network has blocked over 13.7 million attacks against four different plugins and several … Continue reading
WordPress Plugin Hide My WP with SQL Injection Vulnerability
[German]One of the most popular "security" plugins for WordPress, Hide My WP, has just attracted negative attention due to a fat SQL injection vulnerability. Another bug allows an attacker to simply disable the plugin Advertising
Advertising
WordPress: Sites hacked via plugin, shows fake ransomware claim (Nov. 2021)
[German]Currently, some operators of WordPress sites are caught on the wrong foot. The affected WordPress instances show a warning that the site is encrypted. A ransom of 0.1 Bitcoin is demanded for decryption. However, the WordPress instance is not encrypted, … Continue reading
WordPress 5.8.2 released
The developers have released WordPress 5.8.2 on November 10, 2021. This maintenance and security update fixes a security issue and 2 bugs. The changed files are described here. Here in the blogs the update to the new version was executed … Continue reading
WordPress and the wintertime trap for scheduled posts
[German]In the night of October 31, 2021, clocks in Europe will be changed back to winter time (standard time). Currently WordPress is still running on daylight saving time. I have now noticed a small problem when scheduling publications. I wanted … Continue reading
Advertising
WordPress: Vulnerability in Ninja Forms Plugin
[German]There is a new vulnerability in the WordPress plugin Ninja Forms that affects all versions up to 3.6.3. An SQL injection is potentially possible via the vulnerability, so that database queries via input fields are conceivable. The plugin provider released … Continue reading
WordPress DSGVO Plugin from legalweb.io hacked
[German]The GDPR plugin for WordPress from the provider legalweb.io has been hacked. WordPress installations that have used this plugin are considered compromised. Users are being redirected to malware sites. Here is a brief summary of what I am aware of … Continue reading
