WordPress GDPR Plugin Compromised

Vulnerabilities in the popular WordPress GDPR Compliance plugin, which has over 100,000 active installations have been exploited compromising thousands of websites. The plugin is designed to help websites and online shops become compliant with the EU’s General Data Protection Regulation (GDPR). It supports plugins such as Contact Form, Gravity Forms, WordPress Comments, and WooCommerce. The vulnerability allows […]

Read More

WordPress.com hack exposes confidential code

The company that maintains the WordPress.com blogging platform said hackers gained root access to its servers and made off with sensitive code belonging to it and its partners. Wednesday’s advisory from Automattic is the latest to detail a breach on a company entrusted to keep customer information private. The company, which serves about 18 million […]

Read More

WordPress Vulnerability in BackWPup Plugin

A remote execution vulnerability has been discovered in WordPress backup utility BackWPup. According to Sydney (Australia) company Sense of Security, which published the advisory along with a proof-of-concept, the vulnerability allows local or remote PHP files to be passed to a component of the utility. “The input passed to the component wp_xml_export.php via the ‘wpabs’ […]

Read More