The WPScan WordPress security research team identified two serious vulnerabilities affecting the Super Progressive Web Apps WordPress plugin, affecting over 50,000+ WordPress websites. Our users were warned about these vulnerabilities on June 29th, 2021 when they were added to our database. Authenticated (subscriber+) Arbitrary File Upload to RCE Description When the plugin’s Apple Touch Icons…
In March, the WPScan WordPress security research team discovered Cross-Site Request Forgery (CSRF) protection bypasses in 37 WordPress plugins, affecting over 200,000+ active WordPress websites. The vulnerabilities were responsibly disclosed, resulting in the 37 plugins either being patched or removed from the official WordPress plugin repository. Cross-Site Request Forgery (CSRF) is a vulnerability that can…
On July 13th two critical SQL Injection vulnerabilities were reported and patched in the WooCommerce and WooCommerce Blocks WordPress plugins. SQL Injection vulnerabilities allow attackers to ‘piggyback’ on SQL queries, usually allowing the attacker to read, write and edit database data. Although SQL Injection vulnerabilities can sometimes be difficult to exploit manually, tools such as…
Over the past 10 years that WPScan have been cataloging WordPress vulnerabilities, we have had many hundreds of independent security researchers contribute to our WordPress vulnerability database. Today, we talk to m0ze, a long time WPScan vulnerability database contributor, who shares his thoughts on the state of WordPress security today. Please introduce yourself.My name is…
Today, April 15th, 2021, WordPress released version 5.7.1, a security and maintenance release that reportedly patches two security vulnerabilities.
The WordPress release announcement lists the following two security vulnerabilities as being patched in version 5.7.1:
Let’s take a closer look at these vulnerabilities and see what other information we can find out about them.
Zerodium, a company that buys security exploits to then resell to government entities, tripled its price for WordPress Remote Command Execution (RCE) exploits.
In a tweet sent out on Friday, April 9th, Zerodium announced that they had temporarily tripled the price they pay out to security researchers for WordPress RCE exploits. Increasing the payout from $100,000 to $300,000.
Over 14,000 covid test patients were affected by a data leak in Germany this week. This was due to the testing centre software using incremental identifiers in their custom WordPress REST API endpoint.
A member of the WPScan research team discovered two security vulnerabilities within the premium WooCommerce Customers Manager WordPress plugin, versions less than 26.6.
The following two vulnerabilities were identified and added to our WordPress vulnerability database:
- Authenticated Reflected Cross-Site Scripting – CVSS: 7.1 (High)
- Arbitrary User Account Creation/Update via CSRF – CVSS: 8.8 (High)
What are Configuration File Backups?
WordPress has a special file named wp-config.php that stores sensitive configuration information for your website.
By default, the
wp-config.php file stores the following information:
- MySQL settings
- Secret keys
- Database table prefix
Developers can also store other sensitive information in the file.