Dismiss this notice
novaPDF Professional Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5523

Dismiss this notice
Ashampoo PDF PRO Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5524

Dismiss this notice
Undelete 11 Professional Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5522

Dismiss this notice
ExpressVPN Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5521

Dismiss this notice
Macrium Reflect Home Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5520


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
WordPress, WooCommerce flaws combine to allow website hijacking
#1
Quote:A flaw in how WordPress handles privilege assignments can be exploited to permit attackers to hijack WooCommerce websites.

The issue in the content management system (CMS) was discovered by Simon Scannell, a security researcher from RIPS Technologies, who said in a blog post that the design flaw specifically impacts WooCommerce, a popular WordPress plugin which has been downloaded over four million times.

"The vulnerability allows shop managers to delete certain files on the server and then to take over any administrator account," the security researcher says.

The plugin has been developed by Automattic and is a free e-commerce system for WordPress-based websites.

A file deletion bug was found in the software, and on its own, would generally not be considered critical as the best an attacker could do would be to delete index.php pages and cause a denial of service. However, when coupled with the WordPress design flaw, the bug's severity increases.

Source: https://www.zdnet.com/article/wordpress-...hijacking/
[-] The following 1 user Likes silversurfer's post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Latest Threads
ProtonVPN specialoffer SAVE UP TO 40%
Last Post: tofana
Yesterday 22:47
» Replies: 0
» Views: 15
NordVPN save 75%!
Last Post: tofana
Yesterday 21:43
» Replies: 0
» Views: 15
3-year CyberGhost subscription for only ...
Last Post: tofana
Yesterday 21:34
» Replies: 0
» Views: 18
Zemana AntiMalware 3.0 Beta Updates
Last Post: JM Safe
Yesterday 21:26
» Replies: 17
» Views: 534
ACDSee Photo and Video Editing Software ...
Last Post: tofana
Yesterday 21:26
» Replies: 0
» Views: 23
GFYI [Official] ExpressVPN Valentines 20...
Last Post: pisondi
Yesterday 21:19
» Replies: 17
» Views: 1922
Sophos Home (Antivirus)
Last Post: silversurfer
Yesterday 20:49
» Replies: 2
» Views: 110
80% of the Top Exploited Vulnerabilities...
Last Post: silversurfer
Yesterday 20:05
» Replies: 0
» Views: 21
What is your favourite AntiVirus?
Last Post: jasonX
Yesterday 18:56
» Replies: 24
» Views: 547
What firewall do you use and trust?
Last Post: jasonX
Yesterday 18:54
» Replies: 6
» Views: 136
GFYI [Official] Undelete 11 Professional...
Last Post: Raur
Yesterday 17:15
» Replies: 9
» Views: 581
Apeaksoft Video Converter Ultimate 1.0.1...
Last Post: smieszko
Yesterday 16:27
» Replies: 0
» Views: 20
PM text black?
Last Post: damien76
Yesterday 16:17
» Replies: 7
» Views: 145
ESET PRODUCTS FOR WINDOWS DEVICES 2019
Last Post: damien76
Yesterday 16:13
» Replies: 2
» Views: 52
GFYI [Official] Macrium Reflect Home Val...
Last Post: damien76
Yesterday 16:11
» Replies: 28
» Views: 1662
Win a Samsung Galaxy S10
Last Post: tofana
Yesterday 13:20
» Replies: 0
» Views: 28
Mozilla Firefox 66 Now Available for Dow...
Last Post: silversurfer
Yesterday 13:15
» Replies: 0
» Views: 21
Chromium-Based Microsoft Edge Installer ...
Last Post: silversurfer
Yesterday 13:15
» Replies: 0
» Views: 28
DOOGEE S40
Last Post: tofana
Yesterday 12:19
» Replies: 0
» Views: 18
Roku Streaming Stick+ Giveaway
Last Post: tofana
Yesterday 12:06
» Replies: 0
» Views: 31

[-]
Staffs Online
There are no staff members currently online.